This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| NETGEAR | RS700 | unaffected |
|
||||||
| NETGEAR | RAX54Sv2 | unaffected |
|
||||||
| NETGEAR | RAX41v2 | unaffected |
|
||||||
| NETGEAR | RAX50 | unaffected |
|
||||||
| NETGEAR | RAXE500 | unaffected |
|
||||||
| NETGEAR | RAX41 | unaffected |
|
||||||
| NETGEAR | RAX43 | unaffected |
|
||||||
| NETGEAR | RAX35v2 | unaffected |
|
||||||
| NETGEAR | RAXE450 | unaffected |
|
||||||
| NETGEAR | RAX43v2 | unaffected |
|
||||||
| NETGEAR | RAX42 | unaffected |
|
||||||
| NETGEAR | RAX45 | unaffected |
|
||||||
| NETGEAR | RAX50v2 | unaffected |
|
||||||
| NETGEAR | MR90 | unaffected |
|
||||||
| NETGEAR | RAX42v2 | unaffected |
|
||||||
| NETGEAR | RAX49S | unaffected |
|
||||||
| NETGEAR | MS90 | unaffected |
|
Configuration 1 [-]
| AND |
|
Configuration 2 [-]
| AND |
|
Configuration 3 [-]
| AND |
|
Configuration 4 [-]
| AND |
|
Configuration 5 [-]
| AND |
|
Configuration 6 [-]
| AND |
|
Configuration 7 [-]
| AND |
|
Configuration 8 [-]
| AND |
|
Configuration 9 [-]
| AND |
|
Configuration 10 [-]
| AND |
|
Configuration 11 [-]
| AND |
|
Configuration 12 [-]
| AND |
|
Configuration 13 [-]
| AND |
|
Configuration 14 [-]
| AND |
|
Configuration 15 [-]
| AND |
|
Configuration 16 [-]
| AND |
|
Configuration 17 [-]
| AND |
|
Configuration 18 [-]
| AND |
|
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Netgear
Subscribe
|
Mr90
Subscribe
Mr90 Firmware
Subscribe
Ms90
Subscribe
Ms90 Firmware
Subscribe
Rax35v2
Subscribe
Rax35v2 Firmware
Subscribe
Rax41
Subscribe
Rax41 Firmware
Subscribe
Rax41v2
Subscribe
Rax41v2 Firmware
Subscribe
Rax42
Subscribe
Rax42 Firmware
Subscribe
Rax42v2
Subscribe
Rax42v2 Firmware
Subscribe
Rax43
Subscribe
Rax43 Firmware
Subscribe
Rax43v2
Subscribe
Rax43v2 Firmware
Subscribe
Rax45
Subscribe
Rax45 Firmware
Subscribe
Rax45v2
Subscribe
Rax45v2 Firmware
Subscribe
Rax49s
Subscribe
Rax49s Firmware
Subscribe
Rax50
Subscribe
Rax50 Firmware
Subscribe
Rax50v2
Subscribe
Rax50v2 Firmware
Subscribe
Rax54sv2
Subscribe
Rax54sv2 Firmware
Subscribe
Raxe450
Subscribe
Raxe450 Firmware
Subscribe
Raxe500
Subscribe
Raxe500 Firmware
Subscribe
Rs700
Subscribe
Rs700 Firmware
Subscribe
|
No advisories yet.
Solution
Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update it to the latest. Fixed in: RS700 firmware V1.0.9.6 or later RAX54Sv2/RAX45v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/rax54sv2 RAX41v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/rax41v2 RAX50 firmware V1.2.14.114 or later https://www.netgear.com/support/product/RAX50 RAXE500 firmware V1.2.14.114 or later https://www.netgear.com/support/product/raxe500 RAX41 firmware V1.0.17.142 or later https://www.netgear.com/support/product/rax41 RAX43 firmware V1.0.17.142 or later https://www.netgear.com/support/product/rax43 RAX35v2 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX35v2 RAXE450 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAXE450 RAX43v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX43v2 RAX42 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX42 RAX45 firmware V1.0.17.142 or later https://www.netgear.com/support/product/RAX45 RAX50v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX50v2 MR90 firmware V1.0.2.46 or later https://www.netgear.com/support/product/MR90 MS90 firmware V1.0.2.46 or later https://www.netgear.com/support/product/MS90 RAX42v2 firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX42v2 RAX49S firmware V1.1.6.36 or later https://www.netgear.com/support/product/RAX42v2
Workaround
No workaround given by the vendor.
Wed, 21 Jan 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Netgear mr90 Firmware
Netgear ms90 Firmware Netgear rax35v2 Firmware Netgear rax41 Firmware Netgear rax41v2 Firmware Netgear rax42 Firmware Netgear rax42v2 Firmware Netgear rax43 Firmware Netgear rax43v2 Firmware Netgear rax45 Firmware Netgear rax45v2 Netgear rax45v2 Firmware Netgear rax49s Firmware Netgear rax50 Firmware Netgear rax50v2 Firmware Netgear rax54sv2 Firmware Netgear raxe450 Firmware Netgear raxe500 Firmware Netgear rs700 Firmware |
|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:h:netgear:mr90:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ms90:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax41:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax41v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax42v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax43v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax45v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax49s:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax50v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax54sv2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rs700:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:mr90_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ms90_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax41_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax41v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax42v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax43v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax45v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax49s_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax50v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax54sv2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rs700_firmware:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Netgear mr90 Firmware
Netgear ms90 Firmware Netgear rax35v2 Firmware Netgear rax41 Firmware Netgear rax41v2 Firmware Netgear rax42 Firmware Netgear rax42v2 Firmware Netgear rax43 Firmware Netgear rax43v2 Firmware Netgear rax45 Firmware Netgear rax45v2 Netgear rax45v2 Firmware Netgear rax49s Firmware Netgear rax50 Firmware Netgear rax50v2 Firmware Netgear rax54sv2 Firmware Netgear raxe450 Firmware Netgear raxe500 Firmware Netgear rs700 Firmware |
|
| Metrics |
cvssV3_1
|
Tue, 09 Dec 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 09 Dec 2025 19:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Tue, 09 Dec 2025 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Tue, 09 Dec 2025 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are run. This issue affects RS700: through 1.0.7.82; RAX54Sv2 : before V1.1.6.36; RAX41v2: before V1.1.6.36; RAX50: before V1.2.14.114; RAXE500: before V1.2.14.114; RAX41: before V1.0.17.142; RAX43: before V1.0.17.142; RAX35v2: before V1.0.17.142; RAXE450: before V1.2.14.114; RAX43v2: before V1.1.6.36; RAX42: before V1.0.17.142; RAX45: before V1.0.17.142; RAX50v2: before V1.1.6.36; MR90: before V1.0.2.46; MS90: before V1.0.2.46; RAX42v2: before V1.1.6.36; RAX49S: before V1.1.6.36. | |
| Title | Improper input validation in NETGEAR Nighthawk routers | |
| First Time appeared |
Netgear
Netgear mr90 Netgear ms90 Netgear rax35v2 Netgear rax41 Netgear rax41v2 Netgear rax42 Netgear rax42v2 Netgear rax43 Netgear rax43v2 Netgear rax45 Netgear rax49s Netgear rax50 Netgear rax50v2 Netgear rax54sv2 Netgear raxe450 Netgear raxe500 Netgear rs700 |
|
| Weaknesses | CWE-20 | |
| CPEs | cpe:2.3:h:netgear:mr90:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ms90:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax35v2:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax41:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax41v2:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax42:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax42v2:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax43:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax43v2:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax49s:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax50v2:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax54sv2:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:raxe450:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:raxe500:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rs700:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Netgear
Netgear mr90 Netgear ms90 Netgear rax35v2 Netgear rax41 Netgear rax41v2 Netgear rax42 Netgear rax42v2 Netgear rax43 Netgear rax43v2 Netgear rax45 Netgear rax49s Netgear rax50 Netgear rax50v2 Netgear rax54sv2 Netgear raxe450 Netgear raxe500 Netgear rs700 |
|
| References |
|
|
| Metrics |
cvssV4_0
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: NETGEAR
Published:
Updated: 2025-12-10T04:57:22.798Z
Reserved: 2025-11-10T08:26:32.586Z
Link: CVE-2025-12946
Vulnrichment
Updated: 2025-12-09T20:22:16.677Z
NVD
Status : Analyzed
Published: 2025-12-09T17:15:48.820
Modified: 2026-01-21T19:29:14.017
Link: CVE-2025-12946
Redhat
No data.
OpenCVE Enrichment
No data.