Input Validation Flaw in NETGEAR Nighthawk Routers' Speedtest Feature
CVE-2025-12946

4.4MEDIUM

Key Information:

Vendor

Netgear
Status
Rs700
Rax54sv2
Rax41v2
Rax50
Vendor
CVE Published:
9 December 2025

What is CVE-2025-12946?

A vulnerability exists in the speedtest feature of certain NETGEAR Nighthawk routers due to improper input validation. This flaw allows attackers on the router's WAN side to exploit attacker-in-the-middle techniques, enabling them to manipulate DNS responses and execute arbitrary commands during speed tests. Users of affected Nighthawk router models should ensure their devices are updated to the latest firmware version to mitigate this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MR90 0

MS90 0

RAX35v2 0

References

https://www.netgear.com/support/product/rs700
productpatch
https://www.netgear.com/support/product/rax54sv2
productpatch
https://www.netgear.com/support/product/rax41v2
productpatch

CVSS V4

Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

molybdenum
JSON
.