CVE-2025-45493

Summary: CVE-2025-45493 affects Netgear EX8000 with firmware v1.0.0.126, where the iface parameter in the action_bandwidth function can cause a Command Injection . Affected product/firmware: Netgear EX8000 V1.0.0.126 (firmware form factor cited across documents). Root cause (as stated): flaw in t...

PT-2025-52766

Name of the Vulnerable Software and Affected Versions Netgear EX8000 version 1.0.0.126 Description The Netgear EX8000 Mesh Extender firmware version 1.0.0.126 contains a Command Injection issue. This occurs due to a flaw in the action bandwidth function, specifically through manipulation of the...

NETGEAR EX8000 安全漏洞

NETGEAR EX8000 is a wireless network signal extender from NETGEAR. A security vulnerability exists in NETGEAR EX8000 version V1.0.0.126, which originates from a command injection in the iface parameter of the actionbandwidth function...

VulnCheck KEV: CVE-2020-27866

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...

CVE-2025-12946

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

CVE-2025-12945

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...

CVE-2025-12941

Denial of Service Vulnerability in NETGEAR C6220 and C6230 DOCSIS® 3.0 Two-in-one Cable Modem + WiFi Router allows authenticated local WiFi users reboot the router...

EUVD-2025-202283

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

EUVD-2025-202285

Denial of Service Vulnerability in NETGEAR C6220 and C6230 DOCSIS® 3.0 Two-in-one Cable Modem + WiFi Router allows authenticated local WiFi users reboot the router...

CVE-2025-12945

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...

CVE-2025-12946

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

CVE-2025-12946

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

CVE-2025-12945

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...

CVE-2025-12941

Denial of Service Vulnerability in NETGEAR C6220 and C6230 DOCSIS® 3.0 Two-in-one Cable Modem + WiFi Router allows authenticated local WiFi users reboot the router...

CVE-2025-12946 Improper input validation in NETGEAR Nighthawk routers

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

CVE-2025-12946 Improper input validation in NETGEAR Nighthawk routers

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

CVE-2025-12946

CVE-2025-12946 affects NETGEAR Nighthawk routers and related models (RS700, RAX54Sv2, RAX41v2, RAX50, RAXE500, RAX41, RAX43, RAX35v2, RAXE450, RAX43v2, RAX42, RAX45, RAX50v2, MR90, MS90, RAX42v2, RAX49S). Root cause is improper input validation in the speedtest feature, enabling WAN-side attacker...

CVE-2025-12945 Improper input validation in NETGEAR Nighthawk router R7000P

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...

CVE-2025-12945

The CVE-2025-12945 entry concerns NETGEAR Nighthawk R7000P routers with versions up to 1.3.3.154. The vulnerability is an OS command injection caused by improper input validation when accessed by an authenticated administrator. Impact is limited to the affected device where an admin could inject ...

CVE-2025-12945 Improper input validation in NETGEAR Nighthawk router R7000P

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...