PT-2026-2631 · NetGear · Netgear Wifi Range Extenders
Chiphazard
·
Published
2026-01-13
·
Updated
2026-02-20
·
CVE-2026-0408
CVSS v3.1
8.0
High
| Vector | AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NETGEAR WiFi range extenders (affected versions not specified)
Description
A path traversal issue exists in NETGEAR WiFi range extenders. An attacker with LAN authentication can access the router's IP address and review the contents of the dynamically generated webproc file. This file records the username and password submitted to the router GUI.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netgear Wifi Range Extenders