CVE-2026-0408

UNKNOWN 0.0

Path traversal vulnerability in Netgear WiFi Range Extenders

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI.

CWE	CWE-287
Vendor	netgear
Product	ex5000
Published	Jan 13, 2026
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for netgear ex5000

Be the first to know when new unknown vulnerabilities affecting netgear ex5000 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

NETGEAR / EX5000

0 < v1.0.1.82

NETGEAR / EX3110

0 < v1.0.1.82

NETGEAR / EX6110

0 < v1.0.1.82

NETGEAR / EX2800

0 < v1.0.1.82

References

NVD ↗ CVE.org ↗ EPSS Data ↗

netgear.com: https://www.netgear.com/support/product/ex5000 netgear.com: https://www.netgear.com/support/product/ex3110 netgear.com: https://www.netgear.com/support/product/ex6110 netgear.com: https://www.netgear.com/support/product/ex2800 kb.netgear.com: https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory

Credits

chiphazard