CVE-2025-12946
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: Netgear, Inc.

Description
A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46;β€―RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2025-12-09
Generated
2026-06-16
AI Q&A
2025-12-09
EPSS Evaluated
2026-06-15
NVD
CVE-2025-12946
Affected Vendors & Products
Showing 18 associated CPEs
Vendor Product Version / Range
netgear nighthawk_router raxe450
netgear nighthawk_router rax41
netgear nighthawk_router rax45
netgear nighthawk_router rax50v2
netgear nighthawk_router rax42
netgear nighthawk_router mr90
netgear nighthawk_router *
netgear nighthawk_router rax43v2
netgear nighthawk_router rs700
netgear nighthawk_router raxe500
netgear nighthawk_router rax41v2
netgear nighthawk_router rax50
netgear nighthawk_router rax43
netgear nighthawk_router rax35v2
netgear nighthawk_router ms90
netgear nighthawk_router rax42v2
netgear nighthawk_router rax49s
netgear nighthawk_router rax54sv2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the speedtest feature of certain NETGEAR Nighthawk routers. It is caused by improper input validation, which allows attackers on the router's WAN side to use man-in-the-middle (MiTM) techniques to manipulate DNS responses. This manipulation can lead to the execution of arbitrary commands when speedtests are run on the affected routers.

Impact Analysis

An attacker exploiting this vulnerability could execute arbitrary commands on the affected router by manipulating DNS responses during speedtests. This could lead to unauthorized control over the router, potentially compromising network security, disrupting internet connectivity, or enabling further attacks within the network.

Mitigation Strategies

To mitigate this vulnerability, update your NETGEAR Nighthawk router firmware to the fixed versions listed for your model. Avoid running the speedtest feature from the WAN side until the update is applied. Additionally, protect your network against man-in-the-middle (MiTM) attacks by securing DNS responses, for example by using DNS over HTTPS or DNSSEC if supported, and restrict WAN-side access to the router's management interfaces.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12946. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart