CVE-2026-0411: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor in NETGEAR RBE97x
An information disclosure vulnerability in the NETGEAR Orbi satellites could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this issue.
AI Analysis
Technical Summary
CVE-2026-0411 describes an information disclosure vulnerability in NETGEAR Orbi satellite devices (RBE97x series). This flaw could enable a network-connected user to obtain administrator access to the Orbi router by exploiting sensitive information exposure. The vulnerability specifically affects Orbi systems with satellites; standalone Orbi WiFi Systems without satellites are not impacted. The CVSS 4.2 score indicates a medium severity with attack vector being adjacent network and requiring low attack complexity and low privileges. No vendor advisory or patch information is currently available to confirm remediation status.
Potential Impact
An attacker connected to the local network via an Orbi satellite device could gain unauthorized administrator access to the Orbi router. This could lead to control over router configuration and potentially compromise network security. However, the vulnerability does not affect Orbi systems without satellites, limiting the scope of impact.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or temporary mitigation has been published by NETGEAR at this time.
CVE-2026-0411: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor in NETGEAR RBE97x
Description
An information disclosure vulnerability in the NETGEAR Orbi satellites could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not impacted by this issue.
CVSS v4.0
Score 4.2medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-0411 describes an information disclosure vulnerability in NETGEAR Orbi satellite devices (RBE97x series). This flaw could enable a network-connected user to obtain administrator access to the Orbi router by exploiting sensitive information exposure. The vulnerability specifically affects Orbi systems with satellites; standalone Orbi WiFi Systems without satellites are not impacted. The CVSS 4.2 score indicates a medium severity with attack vector being adjacent network and requiring low attack complexity and low privileges. No vendor advisory or patch information is currently available to confirm remediation status.
Potential Impact
An attacker connected to the local network via an Orbi satellite device could gain unauthorized administrator access to the Orbi router. This could lead to control over router configuration and potentially compromise network security. However, the vulnerability does not affect Orbi systems without satellites, limiting the scope of impact.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or temporary mitigation has been published by NETGEAR at this time.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- NETGEAR
- Date Reserved
- 2025-12-03T04:16:18.239Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a283e948dd33fbd8553f0f0
Added to database: 6/9/2026, 4:25:56 PM
Last enriched: 6/9/2026, 4:55:55 PM
Last updated: 6/10/2026, 6:07:53 AM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.