CVE-2025-12943
Essential information
- Published
- 11/11/2025 17:15
- Modified
- 08/12/2025 14:29
- Author
- —
- Creator
- —
- CVSS
- 5.2 MEDIUM (v3) 5.2 MEDIUM (v4.0)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
—
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:L/U:Amber
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Privileges required
- —
- User interaction
- —
- Scope
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- ADJACENT
- Attack complexity
- LOW
- Attack requirements
- PRESENT
- Privileges required
- NONE
- User interaction
- NONE
- Confidentiality (V)
- HIGH
- Confidentiality (S)
- NONE
- Integrity (V)
- HIGH
- Integrity (S)
- NONE
- Availability (V)
- HIGH
- Availability (S)
- NONE
- Exploit maturity
- UNREPORTED
Description
Improper certificate
validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream
AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band
WiFi 6E Router) allows attackers with the ability to intercept and
tamper traffic destined to the device to execute arbitrary commands on the
device.
Devices
with automatic updates enabled may already have this patch applied. If not,
please check the firmware version and update to the
latest.
Fixed in:
RAX30 firmware
1.0.14.108 or later.
RAXE300 firmware
1.0.9.82 or later
NVD status
- Status
- Analyzed — CVE has had analysis completed and all data associations made.
- Source
- a2826606-91e7-4eb6-899e-8484bd4575d5
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| netgear / rax30 firmware | cpe:2.3:o:netgear:rax30_firmware:*:*:*:*:*:*:*:* |
| netgear / rax30 | cpe:2.3:h:netgear:rax30:-:*:*:*:*:*:*:* |
| netgear / raxe300 firmware | cpe:2.3:o:netgear:raxe300_firmware:*:*:*:*:*:*:*:* |
| netgear / raxe300 | cpe:2.3:h:netgear:raxe300:-:*:*:*:*:*:*:* |