Search criteria
2 vulnerabilities found for R7000P by NETGEAR
CVE-2025-12945 (GCVE-0-2025-12945)
Vulnerability from cvelistv5 – Published: 2025-12-09 17:01 – Updated: 2025-12-09 20:44 Unsupported When Assigned
VLAI?
Title
Improper input validation in NETGEAR Nighthawk router R7000P
Summary
A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation.
This issue affects R7000P: through 1.3.3.154.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Credits
SmallS
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12945",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T20:22:21.969102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T20:44:03.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "R7000P",
"vendor": "NETGEAR",
"versions": [
{
"lessThanOrEqual": "1.3.3.154",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.3.154",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SmallS"
}
],
"datePublic": "2025-12-09T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eA vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eThis issue affects R7000P: through 1.3.3.154. \u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. \n\n\n\nThis issue affects R7000P: through 1.3.3.154."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 1.1,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:34:36.492Z",
"orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"shortName": "NETGEAR"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.netgear.com/support/product/r7000p"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NETGEAR\nR7000P has reached End-of-Support phase, and no security updates are planned.\nNETGEAR strongly recommends that you retire this device and upgrade to a\nnewer NETGEAR device for continued security support.\n\n\n\n\u003cbr\u003e"
}
],
"value": "NETGEAR\nR7000P has reached End-of-Support phase, and no security updates are planned.\nNETGEAR strongly recommends that you retire this device and upgrade to a\nnewer NETGEAR device for continued security support."
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Improper input validation in NETGEAR Nighthawk router R7000P",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NETGEAR strongly recommends not to allow untrusted users to administer your device and protect it with strong password.\u0026nbsp;"
}
],
"value": "NETGEAR strongly recommends not to allow untrusted users to administer your device and protect it with strong password."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
"assignerShortName": "NETGEAR",
"cveId": "CVE-2025-12945",
"datePublished": "2025-12-09T17:01:38.595Z",
"dateReserved": "2025-11-10T08:26:25.516Z",
"dateUpdated": "2025-12-09T20:44:03.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-12988 (GCVE-0-2024-12988)
Vulnerability from cvelistv5 – Published: 2024-12-27 17:00 – Updated: 2025-01-14 13:59 Unsupported When Assigned
VLAI?
Title
Netgear R6900P/R7000P HTTP Header sub_16C4C buffer overflow
Summary
A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
Credits
physicszq (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12988",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T18:22:40.452260Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T18:23:48.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/physicszq/Routers/tree/main/Netgear/1.3.3.154"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP Header Handler"
],
"product": "R6900P",
"vendor": "Netgear",
"versions": [
{
"status": "affected",
"version": "1.3.3.154"
}
]
},
{
"modules": [
"HTTP Header Handler"
],
"product": "R7000P",
"vendor": "Netgear",
"versions": [
{
"status": "affected",
"version": "1.3.3.154"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "physicszq (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "de",
"value": "In Netgear R6900P and R7000P 1.3.3.154 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Das betrifft die Funktion sub_16C4C der Komponente HTTP Header Handler. Durch Manipulation des Arguments Host mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T13:59:51.349Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-289381 | Netgear R6900P/R7000P HTTP Header sub_16C4C buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.289381"
},
{
"name": "VDB-289381 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.289381"
},
{
"name": "Submit #462781 | Netgear R6900P, R7000P 1.3.3.154 Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.462781"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/physicszq/Routers/tree/main/Netgear/1.3.3.154"
},
{
"tags": [
"related"
],
"url": "https://www.netgear.com/about/eos/"
},
{
"tags": [
"product"
],
"url": "https://www.netgear.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2024-12-27T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-12-27T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-01-14T15:00:03.000Z",
"value": "VulDB entry last update"
}
],
"title": "Netgear R6900P/R7000P HTTP Header sub_16C4C buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-12988",
"datePublished": "2024-12-27T17:00:14.876Z",
"dateReserved": "2024-12-27T08:33:50.934Z",
"dateUpdated": "2025-01-14T13:59:51.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}