CVE-2025-12946

Description

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.

CVSS breakdown

CVSS 4.0

Attack Vector

Adjacent

Attack Complexity

High

Attack Requirements

Present

Privileges Required

None

User Interaction

Active

Confidentiality (Vulnerable System)

High

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

E

Unchanged

Scope

None

AU

None

R

Adjacent

V

D

RE

M

U

Amber

Affected products

NETGEAR / MR900 – V1.0.2.46
NETGEAR / MS900 – V1.0.2.46
NETGEAR / RAX35v20 – V1.0.17.142
NETGEAR / RAX410 – V1.0.17.142
NETGEAR / RAX41v20 – V1.1.6.36
NETGEAR / RAX420 – V1.0.17.142
NETGEAR / RAX42v20 – V1.1.6.36
NETGEAR / RAX430 – V1.0.17.142
NETGEAR / RAX43v20 – V1.1.6.36
NETGEAR / RAX450 – V1.0.17.142
NETGEAR / RAX49S0 – V1.1.6.36
NETGEAR / RAX500 – V1.2.14.114
NETGEAR / RAX50v20 – V1.1.6.36
NETGEAR / RAX54Sv20 – V1.1.6.36
NETGEAR / RAXE4500 – V1.2.14.114
NETGEAR / RAXE5000 – V1.2.14.114
NETGEAR / RS7000 – 1.0.7.82

Description

CVSS breakdown

Affected products

References