CVE-2025-12944

MEDIUM EPSS 13.8%

Published Nov 11, 20257mo ago · Modified Jun 17, 20261w ago

6.8 CVSS 4.0

Medium

Published Nov 11, 2025 7mo ago

Last Modified Jun 17, 2026 1w ago

Description

Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Please check the firmware version and update to the latest. Fixed in: DGN2200v4 firmware 1.0.0.132 or later

CVSS Details

Base Score

6.8

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:L/U:Amber

Attack Vector Adjacent

Attack Complexity Low

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

13.8% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 2

Vendor	Product	Version	Range
netgear	dgn2200_firmware	*	<1.0.0.132
netgear	dgn2200	v4	any

References 2

kb.netgear.com https://kb.netgear.com/000070355/NETGEAR-Security-Advisories-November-2025

Vendor Advisory
netgear.com https://www.netgear.com/support/product/dgn2200v4

Product

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.