NETGEAR RAX30 and RAXE300 Improper Certificate Validation Vulnerability in Firmware Update Logic Allowing Arbitrary Command Execution

Vulnerability

A vulnerability exists in the firmware update process of the NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band WiFi 6E Router). This vulnerability stems from improper certificate validation, which allows attackers who can intercept and modify traffic to the device to execute arbitrary commands. Devices with automatic updates enabled may have already applied the necessary patch. For those that have not, users should check the firmware version and update accordingly.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of commands on the affected device.

Remediation

Users can update to RAX30 firmware version 1.0.14.108 or later, or RAXE300 firmware version 1.0.9.82 or later. Instructions for downloading the latest firmware are available on the NETGEAR support website.
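The version check described above can be run across a device inventory. The following is an added example, not code from NETGEAR or from this advisory: it compares reported firmware versions against the fixed versions listed here. The accepted version-string format (an optional leading "V" and an optional build suffix after "_" or "-"), the function names and the sample inventory are assumptions made for illustration.

```python
import re

# Minimum fixed firmware versions, taken from the advisory text above.
FIXED = {
    "RAX30": (1, 0, 14, 108),
    "RAXE300": (1, 0, 9, 82),
}

# Assumption: version strings may carry a leading "V" and a trailing build
# suffix after "_" or "-"; only the four dotted numbers are compared.
_VERSION_RE = re.compile(r"^[Vv]?(\d+)\.(\d+)\.(\d+)\.(\d+)(?:[_\-].*)?$")


def parse_version(text):
    """Return the version as a tuple of ints, or None if unparseable."""
    m = _VERSION_RE.match(text.strip())
    return tuple(int(p) for p in m.groups()) if m else None


def classify(model, version):
    """Return 'patched', 'vulnerable', 'unknown-model' or 'bad-version'."""
    fixed = FIXED.get(model.strip().upper())
    if fixed is None:
        return "unknown-model"
    parsed = parse_version(version)
    if parsed is None:
        return "bad-version"
    # Tuples compare numerically field by field, so 1.0.9.x sorts below
    # 1.0.14.x (a plain string comparison would get this wrong).
    return "patched" if parsed >= fixed else "vulnerable"


def audit(inventory):
    """Map each (host, model, version) row to its classification."""
    return {host: classify(model, ver) for host, model, ver in inventory}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("rtr-lobby", "RAX30", "V1.0.9.92"),
    ("rtr-lab", "rax30", "1.0.14.108"),
    ("rtr-office", "RAXE300", "V1.0.9.82_1"),
    ("rtr-store", "RAXE300", "1.0.8.70"),
    ("rtr-other", "OTHER-MODEL", "1.0.0.1"),
    ("rtr-odd", "RAX30", "unknown"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```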

Added: Nov 11, 2025, 5:27 PM
Updated: Nov 11, 2025, 5:27 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 7.5
exploitability: 5.9
remediation: 7.7
relevance: 1.0
threat: 0.0
urgency: 5.7
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.