CVE-2025-12943
BaseFortify
Publication date: 2025-11-11
Last updated on: 2025-12-08
Assigner: Netgear, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| netgear | rax30_firmware | before 1.0.14.108 (exclusive) |
| netgear | rax30 | * |
| netgear | raxe300_firmware | before 1.0.9.82 (exclusive) |
| netgear | raxe300 | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is due to improper certificate validation in the firmware update logic of NETGEAR RAX30 and RAXE300 routers. It allows attackers who can intercept and tamper with the traffic destined for the device to execute arbitrary commands on the device.
How can this vulnerability impact me?
An attacker able to intercept and modify traffic to the affected devices can execute arbitrary commands on the router, potentially compromising the device's security and functionality. This could lead to unauthorized control over the device.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, check the firmware version of your NETGEAR RAX30 or RAXE300 device. If the firmware is not updated to at least version 1.0.14.108 for RAX30 or 1.0.9.82 for RAXE300, update it to the latest firmware version. Devices with automatic updates enabled may already have this patch applied, so enabling automatic firmware updates is also recommended.