NVD

CVE-2025-12946 Detail

Description

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

Nist CVSS score does not match with CNA score

CNA: Netgear, Inc.

CVSS-BT 4.4 MEDIUM

Vector: CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/S:N/AU:N/R:A/V:D/RE:M/U:Amber

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: 7.5 HIGH

Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory	Netgear, Inc.	Patch Vendor Advisory
https://www.netgear.com/support/product/RAX50	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/mr90	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/ms90	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax35v2	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax41	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax41v2	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax42	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax42v2	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax43	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax43v2	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax45	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax49s	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax50v2	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rax54sv2	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/raxe450	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/raxe500	Netgear, Inc.	Patch Product
https://www.netgear.com/support/product/rs700	Netgear, Inc.	Patch Product

Weakness Enumeration

CWE-ID	CWE Name	Source
NVD-CWE-noinfo	Insufficient Information	NIST
CWE-20	Improper Input Validation	Netgear, Inc.

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

4 change records found show changes

Initial Analysis by NIST 1/21/2026 2:29:14 PM

Action	Type	New Value
Added	CVSS V3.1	AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Added	CWE	NVD-CWE-noinfo
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:mr90_firmware::::::::* versions up to (excluding) 1.0.2.46 OR cpe:2.3:h:netgear:mr90:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:ms90_firmware::::::::* versions up to (excluding) 1.0.2.46 OR cpe:2.3:h:netgear:ms90:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax35v2_firmware::::::::* versions up to (excluding) 1.0.17.142 OR cpe:2.3:h:netgear:rax35v2:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax41_firmware::::::::* versions up to (excluding) 1.0.17.142 OR cpe:2.3:h:netgear:rax41:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax41v2_firmware::::::::* versions up to (excluding) 1.1.6.36 OR cpe:2.3:h:netgear:rax41v2:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax42_firmware::::::::* versions up to (excluding) 1.0.17.142 OR cpe:2.3:h:netgear:rax42:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax42v2_firmware::::::::* versions up to (excluding) 1.1.6.36 OR cpe:2.3:h:netgear:rax42v2:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax43_firmware::::::::* versions up to (excluding) 1.0.17.142 OR cpe:2.3:h:netgear:rax43:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax43v2_firmware::::::::* versions up to (excluding) 1.1.6.36 OR cpe:2.3:h:netgear:rax43v2:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax45_firmware::::::::* versions up to (excluding) 1.0.17.142 OR cpe:2.3:h:netgear:rax45:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax45v2_firmware::::::::* versions up to (excluding) 1.1.6.36 OR cpe:2.3:h:netgear:rax45v2:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax49s_firmware::::::::* versions up to (excluding) 1.1.6.36 OR cpe:2.3:h:netgear:rax49s:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax50_firmware::::::::* versions up to (excluding) 1.2.14.114 OR cpe:2.3:h:netgear:rax50:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax50v2_firmware::::::::* versions up to (excluding) 1.1.6.36 OR cpe:2.3:h:netgear:rax50v2:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rax54sv2_firmware::::::::* versions up to (excluding) 1.1.6.36 OR cpe:2.3:h:netgear:rax54sv2:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:raxe450_firmware::::::::* versions up to (excluding) 1.0.17.142 OR cpe:2.3:h:netgear:raxe450:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:raxe500_firmware::::::::* versions up to (excluding) 1.2.14.114 OR cpe:2.3:h:netgear:raxe500:-:::::::*
Added	CPE Configuration	AND OR cpe:2.3:o:netgear:rs700_firmware::::::::* versions up to (excluding) 1.0.9.6 OR cpe:2.3:h:netgear:rs700:-:::::::*
Added	Reference Type	Netgear, Inc.: https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory Types: Patch, Vendor Advisory
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/RAX50 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/mr90 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/ms90 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax35v2 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax41 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax41v2 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax42 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax42v2 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax43 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax43v2 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax45 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax49s Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax50v2 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rax54sv2 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/raxe450 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/raxe500 Types: Patch, Product
Added	Reference Type	Netgear, Inc.: https://www.netgear.com/support/product/rs700 Types: Patch, Product

New CVE Received from Netgear, Inc. 12/09/2025 12:15:48 PM

Action	Type	New Value
Added	Description	A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.
Added	CVSS V4.0	AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:A/V:D/RE:M/U:Amber
Added	CWE	CWE-20
Added	Reference	https://kb.netgear.com/000070355/NETGEAR-Security-Advisories-December-2025
Added	Reference	https://www.netgear.com/support/product/RAX50
Added	Reference	https://www.netgear.com/support/product/mr90
Added	Reference	https://www.netgear.com/support/product/ms90
Added	Reference	https://www.netgear.com/support/product/rax35v2
Added	Reference	https://www.netgear.com/support/product/rax41
Added	Reference	https://www.netgear.com/support/product/rax41v2
Added	Reference	https://www.netgear.com/support/product/rax42
Added	Reference	https://www.netgear.com/support/product/rax42v2
Added	Reference	https://www.netgear.com/support/product/rax43
Added	Reference	https://www.netgear.com/support/product/rax43v2
Added	Reference	https://www.netgear.com/support/product/rax45
Added	Reference	https://www.netgear.com/support/product/rax49s
Added	Reference	https://www.netgear.com/support/product/rax50v2
Added	Reference	https://www.netgear.com/support/product/rax54sv2
Added	Reference	https://www.netgear.com/support/product/raxe450
Added	Reference	https://www.netgear.com/support/product/raxe500
Added	Reference	https://www.netgear.com/support/product/rs700

Quick Info

CVE Dictionary Entry:
CVE-2025-12946
NVD Published Date:
12/09/2025
NVD Last Modified:
01/21/2026
Source:
Netgear, Inc.

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2025-12946 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

Initial Analysis by NIST 1/21/2026 2:29:14 PM

CVE Modified by Netgear, Inc. 12/09/2025 3:15:53 PM

CVE Modified by Netgear, Inc. 12/09/2025 1:15:48 PM

New CVE Received from Netgear, Inc. 12/09/2025 12:15:48 PM

Quick Info