Netgear Rbr840 vulnerabilities

CVE-2026-0405 [MEDIUM] CWE-287 CVE-2026-0405: An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.

CVE-2026-0404 [MEDIUM] CWE-20 CVE-2026-0404: An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default.