← Back

CVE-2025-12945

nvd nist
Published: Dec 9, 2025Modified: Jan 16, 2026

JSON object

Loading...
1.1
Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber
Show more
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:AmberShow less
Source: a2826606-91e7-4eb6-899e-8484bd4575d5 (Secondary)

Description

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154.

Affected (1)

Netgear
1 product
R7000p Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R7000p Firmware
Up to 1.3.3.154
Running on/withPlatform Versions
Netgear
R7000p
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

Source: a2826606-91e7-4eb6-899e-8484bd4575d5
Vendor Advisory
Source: a2826606-91e7-4eb6-899e-8484bd4575d5
PatchProduct

Timeline

No history available yet.