Unrated severityNVD Advisory· Published Nov 11, 2025· Updated Feb 26, 2026

Improper input validation in NETGEAR R6260 and R6850

CVE-2025-12942

Description

Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86.

Affected products

Netgear/R6850llm-create
Range: <=1.1.0.86
Netgear/R6260llm-fuzzy
Range: <=1.1.0.86
NETGEAR/R6260v5
Range: 0
NETGEAR/R6850v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.netgear.com/support/product/r6260mitrepatchproduct
www.netgear.com/support/product/r6850mitreproductpatch
kb.netgear.com/000070355/NETGEAR-Security-Advisories-November-2025mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000