CVE-2025-12945

Summary

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation.

This issue affects R7000P: through 1.3.3.154.

Affected Software

VendorProductVersion RangeStatus
NETGEARR7000P0 <= 1.3.3.154affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

Workarounds

NETGEAR strongly recommends not to allow untrusted users to administer your device and protect it with strong password.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References