Details of VAR-202512-4870

ID

VAR-202512-4870

CVE

CVE-2025-12946

TITLE

of netgear MR90 FIRMWARE Vulnerabilities related to input confirmation in multiple products such as

Trust: 0.8

sources: JVNDB: JVNDB-2025-025146

DESCRIPTION

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36. This vulnerability affects the following products: RS700 teeth 1.0.7.82 to, RAX54Sv2 teeth V1.1.6.36 Before, RAX41v2 teeth V1.1.6.36 Before, RAX50 teeth V1.2.14.114 Before, RAXE500 teeth V1.2.14.114 Before, RAX41 teeth V1.0.17.142 Before, RAX43 teeth V1.0.17.142 Before, RAX35v2 teeth V1.0.17.142 Before, RAXE450 teeth V1.2.14.114 Before, RAX43v2 teeth V1.1.6.36 Before, RAX42 teeth V1.0.17.142 Before, RAX45 teeth V1.0.17.142 Before, RAX50v2 teeth V1.1.6.36 Before, MR90 teeth V1.0.2.46 Before, MS90 teeth V1.0.2.46 Before, RAX42v2 teeth V1.1.6.36 Before, RAX49S teeth V1.1.6.36 It affects earlier.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2025-12946 // JVNDB: JVNDB-2025-025146

AFFECTED PRODUCTS

vendor:	netgear	model:	rax35v2	scope:	lt	version:	1.0.17.142	Trust: 1.0
vendor:	netgear	model:	raxe450	scope:	lt	version:	1.0.17.142	Trust: 1.0
vendor:	netgear	model:	mr90	scope:	lt	version:	1.0.2.46	Trust: 1.0
vendor:	netgear	model:	rax41v2	scope:	lt	version:	1.1.6.36	Trust: 1.0
vendor:	netgear	model:	rax43v2	scope:	lt	version:	1.1.6.36	Trust: 1.0
vendor:	netgear	model:	rax45v2	scope:	lt	version:	1.1.6.36	Trust: 1.0
vendor:	netgear	model:	rax49s	scope:	lt	version:	1.1.6.36	Trust: 1.0
vendor:	netgear	model:	raxe500	scope:	lt	version:	1.2.14.114	Trust: 1.0
vendor:	netgear	model:	rax45	scope:	lt	version:	1.0.17.142	Trust: 1.0
vendor:	netgear	model:	rax50	scope:	lt	version:	1.2.14.114	Trust: 1.0
vendor:	netgear	model:	rax42	scope:	lt	version:	1.0.17.142	Trust: 1.0
vendor:	netgear	model:	rax42v2	scope:	lt	version:	1.1.6.36	Trust: 1.0
vendor:	netgear	model:	rax54sv2	scope:	lt	version:	1.1.6.36	Trust: 1.0
vendor:	netgear	model:	rax50v2	scope:	lt	version:	1.1.6.36	Trust: 1.0
vendor:	netgear	model:	rs700	scope:	lt	version:	1.0.9.6	Trust: 1.0
vendor:	netgear	model:	rax43	scope:	lt	version:	1.0.17.142	Trust: 1.0
vendor:	netgear	model:	ms90	scope:	lt	version:	1.0.2.46	Trust: 1.0
vendor:	netgear	model:	rax41	scope:	lt	version:	1.0.17.142	Trust: 1.0
vendor:	ネットギア	model:	rax45v2	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax45	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax41	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax49s	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax50	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax41v2	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	raxe450	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax50v2	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	ms90	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax42v2	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax54sv2	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	mr90	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax43v2	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax43	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	raxe500	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rs700	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax35v2	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax42	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2025-025146 // NVD: CVE-2025-12946

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2025-12946
value:	HIGH
Trust: 1.0
a2826606-91e7-4eb6-899e-8484bd4575d5:	CVE-2025-12946
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2025-12946
value:	HIGH
Trust: 0.8

nvd@nist.gov:	CVE-2025-12946
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2025-12946
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2025-025146 // NVD: CVE-2025-12946 // NVD: CVE-2025-12946

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-20	Trust: 1.0
problemtype:	Inappropriate input confirmation (CWE-20) [ others ]	Trust: 0.8
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-025146 // NVD: CVE-2025-12946

PATCH

title:

December 2025 NETGEAR Security Advisory - NETGEAR Support

url:

https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory

Trust: 0.8

sources: JVNDB: JVNDB-2025-025146

EXTERNAL IDS

db:	NVD	id:	CVE-2025-12946	Trust: 2.6
db:	JVNDB	id:	JVNDB-2025-025146	Trust: 0.8

sources: JVNDB: JVNDB-2025-025146 // NVD: CVE-2025-12946

REFERENCES

url:	https://www.netgear.com/support/product/rax50v2	Trust: 1.8
url:	https://www.netgear.com/support/product/rax42v2	Trust: 1.8
url:	https://www.netgear.com/support/product/rax41	Trust: 1.8
url:	https://www.netgear.com/support/product/ms90	Trust: 1.8
url:	https://www.netgear.com/support/product/rax45	Trust: 1.8
url:	https://www.netgear.com/support/product/rax43v2	Trust: 1.8
url:	https://www.netgear.com/support/product/rax50	Trust: 1.8
url:	https://www.netgear.com/support/product/rax41v2	Trust: 1.8
url:	https://www.netgear.com/support/product/raxe450	Trust: 1.8
url:	https://www.netgear.com/support/product/rs700	Trust: 1.8
url:	https://www.netgear.com/support/product/rax43	Trust: 1.8
url:	https://www.netgear.com/support/product/rax54sv2	Trust: 1.8
url:	https://www.netgear.com/support/product/mr90	Trust: 1.8
url:	https://www.netgear.com/support/product/rax49s	Trust: 1.8
url:	https://www.netgear.com/support/product/rax35v2	Trust: 1.8
url:	https://www.netgear.com/support/product/raxe500	Trust: 1.8
url:	https://www.netgear.com/support/product/rax42	Trust: 1.8
url:	https://kb.netgear.com/000070416/december-2025-netgear-security-advisory	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-12946	Trust: 0.8

sources: JVNDB: JVNDB-2025-025146 // NVD: CVE-2025-12946

SOURCES

db:	JVNDB	id:	JVNDB-2025-025146
db:	NVD	id:	CVE-2025-12946

LAST UPDATE DATE

2026-01-24T23:31:51.558000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2025-025146	date:	2026-01-23T05:22:00
db:	NVD	id:	CVE-2025-12946	date:	2026-01-21T19:29:14.017

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2025-025146	date:	2026-01-23T00:00:00
db:	NVD	id:	CVE-2025-12946	date:	2025-12-09T17:15:48.820