CVE-2025-12942
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-11

Last updated on: 2025-12-08

Assigner: Netgear, Inc.

Description
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-11
Last Modified
2025-12-08
Generated
2026-06-16
AI Q&A
2025-11-11
EPSS Evaluated
2026-06-14
NVD
CVE-2025-12942
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
netgear r6260_firmware to 1.1.0.86 (exc)
netgear r6260 *
netgear r6850_firmware to 1.1.0.86 (exc)
netgear r6850 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an Improper Input Validation issue in NETGEAR R6260 and R6850 routers. It allows unauthenticated attackers who are connected to the LAN and can perform Man-in-the-Middle (MiTM) attacks with control over the DNS server to execute commands on the device. This means attackers can potentially take control of the router by exploiting this flaw.

Impact Analysis

The vulnerability can allow attackers on the local network to execute arbitrary commands on the affected NETGEAR routers by manipulating DNS traffic. This could lead to unauthorized control over the device, disruption of network services, interception or redirection of network traffic, and potential compromise of connected devices.

Mitigation Strategies

To mitigate the vulnerability in NETGEAR R6260 and R6850 devices, update the firmware to versions later than 1.1.0.86. Since the vulnerability allows unauthenticated attackers on the LAN to perform MiTM attacks and command execution, restricting LAN access and monitoring for unusual DNS server behavior may also help as interim measures.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12942. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart