NETGEAR Nighthawk R7000P 1.3.3.154 Auth cmd injection
CVE-2025-12945 Published on December 9, 2025
Improper input validation in NETGEAR Nighthawk router R7000P
A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation.
This issue affects R7000P: through 1.3.3.154.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2025-12945
Want to know whenever a new CVE is published for Netgear R7000p? stack.watch will email you.
Affected Versions
NETGEAR R7000P:- Before and including 1.3.3.154 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.