cvedb.io
CVE-2026-0408
HIGH · CVSS 8
EPSS exploitation probability: 0%
Published 2026-01-13T16:16:11.017 · Last modified 2026-06-17T10:10:46.330

Summary

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI.

Affected products

netgear — ex2800_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when netgear ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.