Description

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.

INFO

Published Date :

2025-12-09T17:02:20.739Z

Last Modified :

2026-02-26T16:57:03.457Z

Source :

NETGEAR
AFFECTED PRODUCTS

The following products are affected by CVE-2025-12946 vulnerability.

Vendors Products
Netgear
  • Mr90
  • Mr90 Firmware
  • Ms90
  • Ms90 Firmware
  • Rax35v2
  • Rax35v2 Firmware
  • Rax41
  • Rax41 Firmware
  • Rax41v2
  • Rax41v2 Firmware
  • Rax42
  • Rax42 Firmware
  • Rax42v2
  • Rax42v2 Firmware
  • Rax43
  • Rax43 Firmware
  • Rax43v2
  • Rax43v2 Firmware
  • Rax45
  • Rax45 Firmware
  • Rax45v2
  • Rax45v2 Firmware
  • Rax49s
  • Rax49s Firmware
  • Rax50
  • Rax50 Firmware
  • Rax50v2
  • Rax50v2 Firmware
  • Rax54sv2
  • Rax54sv2 Firmware
  • Raxe450
  • Raxe450 Firmware
  • Raxe500
  • Raxe500 Firmware
  • Rs700
  • Rs700 Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-12946.

URL Resource
https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory cve-icon cve-icon
https://www.netgear.com/support/product/RAX50 cve-icon cve-icon
https://www.netgear.com/support/product/mr90 cve-icon cve-icon
https://www.netgear.com/support/product/ms90 cve-icon cve-icon
https://www.netgear.com/support/product/rax35v2 cve-icon cve-icon
https://www.netgear.com/support/product/rax41 cve-icon cve-icon
https://www.netgear.com/support/product/rax41v2 cve-icon cve-icon
https://www.netgear.com/support/product/rax42 cve-icon cve-icon
https://www.netgear.com/support/product/rax42v2 cve-icon cve-icon
https://www.netgear.com/support/product/rax43 cve-icon cve-icon
https://www.netgear.com/support/product/rax43v2 cve-icon cve-icon
https://www.netgear.com/support/product/rax45 cve-icon cve-icon
https://www.netgear.com/support/product/rax49s cve-icon cve-icon
https://www.netgear.com/support/product/rax50v2 cve-icon cve-icon
https://www.netgear.com/support/product/rax54sv2 cve-icon cve-icon
https://www.netgear.com/support/product/raxe450 cve-icon cve-icon
https://www.netgear.com/support/product/raxe500 cve-icon cve-icon
https://www.netgear.com/support/product/rs700 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact