Improper Input Validation in NETGEAR Routers Affects Security
CVE-2025-12942

4.8MEDIUM

Key Information:

Vendor

Netgear
Status
R6260
R6850
Vendor
CVE Published:
11 November 2025

What is CVE-2025-12942?

An improper input validation vulnerability in NETGEAR's R6260 and R6850 routers allows unauthenticated users connected to the Local Area Network (LAN) to perform Man-in-the-Middle (MiTM) attacks. This vulnerability can lead to unauthorized command execution, potentially allowing attackers to manipulate DNS server configurations, compromising network integrity and user security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

R6260 0 <= 1.1.0.86

R6850 0 <= 1.1.0.86

References

https://www.netgear.com/support/product/r6850
productpatch
https://www.netgear.com/support/product/r6260
patchproduct
https://kb.netgear.com/000070355/NETGEAR-Security-Advisor...
vendor-advisory

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

dcmtruman
JSON
.