CVE-2025-12942
BaseFortify
Publication date: 2025-11-11
Last updated on: 2025-12-08
Assigner: Netgear, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| netgear | r6260_firmware | to 1.1.0.86 (exc) |
| netgear | r6260 | * |
| netgear | r6850_firmware | to 1.1.0.86 (exc) |
| netgear | r6850 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Improper Input Validation issue in NETGEAR R6260 and R6850 routers. It allows unauthenticated attackers who are connected to the LAN and can perform Man-in-the-Middle (MiTM) attacks with control over the DNS server to execute commands on the device. This means attackers can potentially take control of the router by exploiting this flaw.
How can this vulnerability impact me? :
The vulnerability can allow attackers on the local network to execute arbitrary commands on the affected NETGEAR routers by manipulating DNS traffic. This could lead to unauthorized control over the device, disruption of network services, interception or redirection of network traffic, and potential compromise of connected devices.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the vulnerability in NETGEAR R6260 and R6850 devices, update the firmware to versions later than 1.1.0.86. Since the vulnerability allows unauthenticated attackers on the LAN to perform MiTM attacks and command execution, restricting LAN access and monitoring for unusual DNS server behavior may also help as interim measures.