CVE-2025-12946

Name: CVE-2025-12946
Creator: NVD / NIST
Published: 2025-12-09T17:15:48.82+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.4/10EPSS 0.26%

Last modified Jun 17, 2026

CVE-2025-12946 is a medium-severity vulnerability rated 4.4/10 on the CVSS scale. A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.. EPSS estimates a 0.26% chance of exploitation in the next 30 days.

Description

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.

Metrics

CVSS 3.1

7.5/10

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0

4.4/10

CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:A/V:D/RE:M/U:Amber

EPSS Probability

0.26%

17.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Netgear	Rs700 Firmware	< 1.0.9.6
Netgear	Rax54sv2 Firmware	< 1.1.6.36
Netgear	Rax45v2 Firmware	< 1.1.6.36
Netgear	Rax41v2 Firmware	< 1.1.6.36
Netgear	Rax50 Firmware	< 1.2.14.114
Netgear	Raxe500 Firmware	< 1.2.14.114
Netgear	Rax41 Firmware	< 1.0.17.142
Netgear	Rax43 Firmware	< 1.0.17.142
Netgear	Rax35v2 Firmware	< 1.0.17.142
Netgear	Raxe450 Firmware	< 1.0.17.142
Netgear	Rax43v2 Firmware	< 1.1.6.36
Netgear	Rax42 Firmware	< 1.0.17.142
Netgear	Rax45 Firmware	< 1.0.17.142
Netgear	Rax50v2 Firmware	< 1.1.6.36
Netgear	Mr90 Firmware	< 1.0.2.46
Netgear	Ms90 Firmware	< 1.0.2.46
Netgear	Rax42v2 Firmware	< 1.1.6.36
Netgear	Rax49s Firmware	< 1.1.6.36

References

https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-AdvisoryPatch, Vendor Advisory
https://www.netgear.com/support/product/RAX50Patch, Product
https://www.netgear.com/support/product/mr90Patch, Product
https://www.netgear.com/support/product/ms90Patch, Product
https://www.netgear.com/support/product/rax35v2Patch, Product
https://www.netgear.com/support/product/rax41Patch, Product
https://www.netgear.com/support/product/rax41v2Patch, Product
https://www.netgear.com/support/product/rax42Patch, Product
https://www.netgear.com/support/product/rax42v2Patch, Product
https://www.netgear.com/support/product/rax43Patch, Product
https://www.netgear.com/support/product/rax43v2Patch, Product
https://www.netgear.com/support/product/rax45Patch, Product
https://www.netgear.com/support/product/rax49sPatch, Product
https://www.netgear.com/support/product/rax50v2Patch, Product
https://www.netgear.com/support/product/rax54sv2Patch, Product
https://www.netgear.com/support/product/raxe450Patch, Product
https://www.netgear.com/support/product/raxe500Patch, Product
https://www.netgear.com/support/product/rs700Patch, Product

Timeline

Published: Dec 9, 2025
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2025-12946?

How severe is CVE-2025-12946?

CVE-2025-12946 has a CVSS score of 4.4/10 (MEDIUM severity). The EPSS model estimates a 0.26% probability of exploitation in the next 30 days.

How do I fix CVE-2025-12946?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-12946?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST