Description

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side to use attacker-in-the-middle (MitM) techniques to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2: before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.

PUBLISHED Reserved 2025-11-10 | Published 2025-12-09 | Updated 2025-12-10 | Assigner NETGEAR




MEDIUM: 4.4 | CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/S:N/AU:N/R:A/V:D/RE:M/U:Amber

Problem types

CWE-20 Improper Input Validation

Product status

Default status
unaffected

Any version
affected

Default status
unaffected

Any version before V1.1.6.36
affected

Default status
unaffected

Any version before V1.1.6.36
affected

Default status
unaffected

Any version before V1.2.14.114
affected

Default status
unaffected

Any version before V1.2.14.114
affected

Default status
unaffected

Any version before V1.0.17.142
affected

Default status
unaffected

Any version before V1.0.17.142
affected

Default status
unaffected

Any version before V1.0.17.142
affected

Default status
unaffected

Any version before V1.2.14.114
affected

Default status
unaffected

Any version before V1.1.6.36
affected

Default status
unaffected

Any version before V1.0.17.142
affected

Default status
unaffected

Any version before V1.0.17.142
affected

Default status
unaffected

Any version before V1.1.6.36
affected

Default status
unaffected

Any version before V1.0.2.46
affected

Default status
unaffected

Any version before V1.1.6.36
affected

Default status
unaffected

Any version before V1.1.6.36
affected

Default status
unaffected

Any version before V1.0.2.46
affected

Timeline

2025-12-09: published

Credits

molybdenum (finder)

References

www.netgear.com/support/product/rs700 product patch

www.netgear.com/support/product/rax54sv2 product patch

www.netgear.com/support/product/rax41v2 product patch

www.netgear.com/support/product/RAX50 product patch

www.netgear.com/support/product/raxe500 product patch

www.netgear.com/support/product/rax41 product patch

www.netgear.com/support/product/rax43 product patch

www.netgear.com/support/product/rax35v2 product patch

www.netgear.com/support/product/raxe450 product patch

www.netgear.com/support/product/rax43v2 product patch

www.netgear.com/support/product/rax42 product patch

www.netgear.com/support/product/rax45 product patch

www.netgear.com/support/product/rax50v2 product patch

www.netgear.com/support/product/mr90 product patch

www.netgear.com/support/product/ms90 product patch

www.netgear.com/support/product/rax42v2 product patch

www.netgear.com/support/product/rax49s product patch

kb.netgear.com/...16/December-2025-NETGEAR-Security-Advisory vendor-advisory

cve.org (CVE-2025-12946)

nvd.nist.gov (CVE-2025-12946)
