Vulnerability Details CVE-2025-12943
Improper certificate
validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream
AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band
WiFi 6E Router) allows attackers with the ability to intercept and
tamper traffic destined to the device to execute arbitrary commands on the
device.
Devices
with automatic updates enabled may already have this patch applied. If not,
please check the firmware version and update to the
latest.
Fixed in:
RAX30 firmware
1.0.14.108 or later.
RAXE300 firmware
1.0.9.82 or later
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.4%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2025-12943
-
cpe:2.3:h:netgear:rax30:-
-
cpe:2.3:h:netgear:raxe300:-
-
cpe:2.3:o:netgear:rax30_firmware:-
-
cpe:2.3:o:netgear:rax30_firmware:1.0.10.94
-
cpe:2.3:o:netgear:rax30_firmware:1.0.11.96
-
cpe:2.3:o:netgear:rax30_firmware:1.0.11.96_2_hotfix
-
cpe:2.3:o:netgear:rax30_firmware:1.0.12.100_hotfix
-
cpe:2.3:o:netgear:rax30_firmware:1.0.3.64
-
cpe:2.3:o:netgear:rax30_firmware:1.0.4.66
-
cpe:2.3:o:netgear:rax30_firmware:1.0.5.70
-
cpe:2.3:o:netgear:rax30_firmware:1.0.6.74
-
cpe:2.3:o:netgear:rax30_firmware:1.0.7.78
-
cpe:2.3:o:netgear:rax30_firmware:1.0.9.90
-
cpe:2.3:o:netgear:rax30_firmware:1.0.9.92
-
cpe:2.3:o:netgear:raxe300_firmware:-
-
cpe:2.3:o:netgear:raxe300_firmware:1.0.5.56
-
cpe:2.3:o:netgear:raxe300_firmware:1.0.7.62
-
cpe:2.3:o:netgear:raxe300_firmware:1.0.8.64