Vulnerability Description
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | R6260 Firmware | < 1.1.0.86 |
| Netgear | R6260 | - |
| Netgear | R6850 Firmware | < 1.1.0.86 |
| Netgear | R6850 | - |
Related Weaknesses (CWE)
References
- https://kb.netgear.com/000070355/NETGEAR-Security-Advisories-November-2025Vendor Advisory
- https://www.netgear.com/support/product/r6260Product
- https://www.netgear.com/support/product/r6850Product
FAQ
What is CVE-2025-12942?
CVE-2025-12942 is a vulnerability with a CVSS score of 7.5 (HIGH). Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform...
How severe is CVE-2025-12942?
CVE-2025-12942 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-12942?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear R6260 Firmware, Netgear R6260, Netgear R6850 Firmware, Netgear R6850.