Security Vulnerability Report
CVE-2026-0408 CVSS 8.0 HIGH

CVE-2026-0408

Published: 2026-01-13 16:16:11
Last Modified: 2026-02-20 19:41:22
Source: a2826606-91e7-4eb6-899e-8484bd4575d5

Description

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI.

CVSS Details

CVSS Score: 8.0
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:o:netgear:ex2800_firmware:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:netgear:ex2800:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:netgear:ex3110_firmware:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:netgear:ex3110:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:netgear:ex5000_firmware:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:netgear:ex5000:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:netgear:ex6110_firmware:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:netgear:ex6110:-:*:*:*:*:*:*:* - NOT VULNERABLE
NETGEAR EX2800, EX3110, EX5000, EX6110

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
Path traversal request example: /../../../[webproc file path]

References

Raw JSON Data

{"cve": {"id": "CVE-2026-0408", "sourceIdentifier": "a2826606-91e7-4eb6-899e-8484bd4575d5", "published": "2026-01-13T16:16:11.017", "lastModified": "2026-02-20T19:41:22.173", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A path traversal vulnerability in NETGEAR WiFi range extenders allows\n an attacker with LAN authentication to access the router's IP and \nreview the contents of the dynamically generated webproc file, which \nrecords the username and password submitted to the router GUI."}, {"lang": "es", "value": "Una vulnerabilidad de salto de ruta en extensores de rango WiFi de NETGEAR permite a un atacante con autenticación LAN acceder a la IP del router y revisar el contenido del archivo webproc generado dinámicamente, que registra el nombre de usuario y la contraseña enviados a la GUI del router."}], "metrics": {"cvssMetricV40": [{"source": "a2826606-91e7-4eb6-899e-8484bd4575d5", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "UNREPORTED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", 
"modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NO", "Recovery": "USER", "valueDensity": "DIFFUSE", "vulnerabilityResponseEffort": "MODERATE", "providerUrgency": "AMBER"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.0, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.1, "impactScore": 5.9}]}, "weaknesses": [{"source": "a2826606-91e7-4eb6-899e-8484bd4575d5", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-287"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex2800_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.1.82", "matchCriteriaId": "55DC6A0A-B406-4813-ADA4-05F62A50AA3B"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex2800:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE27681D-2B5D-4816-84CD-ACDBAF1A12CD"}]}]}, {"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex3110_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.1.82", "matchCriteriaId": "CAF86049-4F34-4615-B8D5-9B06023F1AE9"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex3110:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C254694-4C37-4C5E-BF1C-06EC09BDCA1B"}]}]}, {"operator": "AND", "nodes": 
[{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex5000_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.1.82", "matchCriteriaId": "6D7590BA-50CD-414F-8ED2-458F6227F3CB"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F300D51-FEF5-4D49-851C-5B56F6A5087A"}]}]}, {"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex6110_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.1.82", "matchCriteriaId": "6185EE4D-DFB0-4460-8E90-9DF2F1093004"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex6110:-:*:*:*:*:*:*:*", "matchCriteriaId": "04329A16-D96D-4E1D-8AC9-EA3882F1DC41"}]}]}], "references": [{"url": "https://kb.netgear.com/000070442/January-2026-NETGEAR-Security-Advisory", "source": "a2826606-91e7-4eb6-899e-8484 ... (truncated)