CVE-2025-12944

CWE-20 — Improper Input Validation3 documents3 sources

Severity

6.8MEDIUM

EPSS

0.0%

top 86.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netgear Dgn2200 Firmware Netgear Dgn2200v4

Timeline

PublishedNov 11

Description

Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Please check the firmware version and update to the latest. Fixed in: DGN2200v4 firmware 1.0.0.132 or later

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶NVDnetgear/dgn2200_firmware< 1.0.0.132

▶CVEListV5netgear/dgn2200v41.0.0.126

🔴Vulnerability Details

CVEList

Improper input validation in NETGEAR DGN2200v4↗2025-11-11

▶

GHSA

GHSA-q26q-g7qp-vmrr: Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potent↗2025-11-11

▶