{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-12943","assignerOrgId":"a2826606-91e7-4eb6-899e-8484bd4575d5","state":"PUBLISHED","assignerShortName":"NETGEAR","dateReserved":"2025-11-10T07:35:29.116Z","datePublished":"2025-11-11T16:17:44.766Z","dateUpdated":"2026-02-26T16:57:57.314Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"RAX30","vendor":"NETGEAR","versions":[{"lessThan":"1.0.10.95","status":"affected","version":"0","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"RAXE300","vendor":"NETGEAR","versions":[{"lessThan":"1.0.9.82","status":"affected","version":"0","versionType":"custom"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:h:netgear:rax30:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.10.95","versionStartIncluding":"0","vulnerable":true}],"negate":false,"operator":"OR"},{"cpeMatch":[{"criteria":"cpe:2.3:h:netgear:raxe300:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.9.82","versionStartIncluding":"0","vulnerable":true}],"negate":false,"operator":"OR"}],"operator":"OR"}],"credits":[{"lang":"en","type":"finder","value":"rqu4"}],"datePublic":"2025-11-11T16:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<div>Improper certificate\nvalidation in firmware update logic in NETGEAR <b>RAX30 </b>(Nighthawk AX5 5-Stream\nAX2400 WiFi 6 Router)<b> </b>and<b> </b><b>RAXE300</b> (Nighthawk AXE7800 Tri-Band\nWiFi 6E Router) allows attackers with the ability to intercept and\ntamper traffic destined to the device to execute arbitrary commands on the\ndevice.</div><div><p>Devices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.</p>\n\n<p>Fixed in:</p>\n\n<p>RAX30 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax30/#download\">firmware\n1.0.14.108 or later</a>.</p>\n\nRAXE300 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe300/#download\">firmware\n1.0.9.82 or later</a>\n\n\n\n<br></div>"}],"value":"Improper certificate\nvalidation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream\nAX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band\nWiFi 6E Router) allows attackers with the ability to intercept and\ntamper traffic destined to the device to execute arbitrary commands on the\ndevice.\n\nDevices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\n\n\n\nFixed in:\n\n\n\nRAX30 firmware\n1.0.14.108 or later.\n\n\n\nRAXE300 firmware\n1.0.9.82 or later"}],"impacts":[{"capecId":"CAPEC-94","descriptions":[{"lang":"en","value":"CAPEC-94 Adversary in the Middle (AiTM)"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NO","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"PRESENT","attackVector":"ADJACENT","baseScore":5.2,"baseSeverity":"MEDIUM","exploitMaturity":"UNREPORTED","privilegesRequired":"NONE","providerUrgency":"AMBER","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"DIFFUSE","vectorString":"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:L/U:Amber","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"LOW"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-295","description":"CWE-295 Improper Certificate Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"a2826606-91e7-4eb6-899e-8484bd4575d5","shortName":"NETGEAR","dateUpdated":"2025-11-11T16:17:44.766Z"},"references":[{"tags":["product","patch"],"url":"https://www.netgear.com/support/product/rax30"},{"tags":["product","patch"],"url":"https://www.netgear.com/support/product/raxe300"},{"tags":["vendor-advisory"],"url":"https://kb.netgear.com/000070355/NETGEAR-Security-Advisories-November-2025"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>Devices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.</p>\n\n<p>Fixed in:</p>\n\n<p>RAX30 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/rax30/#download\">firmware\n1.0.14.108 or later</a>.</p>\n\nRAXE300 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.netgear.com/support/product/raxe300/#download\">firmware\n1.0.9.82 or later</a>"}],"value":"Devices\nwith automatic updates enabled may already have this patch applied. If not,\nplease check the firmware version and update to the\nlatest.\n\n\n\nFixed in:\n\n\n\nRAX30 firmware\n1.0.14.108 or later.\n\n\n\nRAXE300 firmware\n1.0.9.82 or later"}],"source":{"discovery":"UNKNOWN"},"title":"Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2025-12943","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-11-13T04:55:33.797632Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-26T16:57:57.314Z"}}]}}