PT-2025-46370 · NetGear · Netgear R6850+1

Dcmtruman

Published

2025-11-11

Updated

2025-12-08

CVE-2025-12942

CVSS v3.1

7.5

High

Vector

AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NETGEAR R6260 versions through 1.1.0.86 NETGEAR R6850 versions through 1.1.0.86

Description A flaw exists in input validation within NETGEAR R6260 and R6850 devices. This allows unauthenticated attackers on the LAN to conduct Man-in-the-Middle (MiTM) attacks and gain control of the DNS Server, potentially leading to command execution.

Recommendations Update NETGEAR R6260 to a version later than 1.1.0.86. Update NETGEAR R6850 to a version later than 1.1.0.86.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-15934

CVE-2025-12942

Affected Products

Netgear R6260

Netgear R6850

PT-2025-46370 · NetGear · Netgear R6850+1

CVE-2025-12942

Weakness Enumeration

Related Identifiers

Affected Products

References · 10