Rx2 Pro Firmware Security Vulnerabilities and Issues — Rx2 Pro Firmware CVE List

Lucene search

TendaRx2 Pro Firmware

3 matches found

CVE•added 2025/05/01 8:15 p.m.•55 views

CVE-2025-46628

Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attacker to gain root shell access to the device by sending a crafted UDP packet to the 'ate' service when it is enabled. Authentication is not needed.

7.3CVSS6.9AI score0.00413EPSS

CVE•added 2025/05/01 8:15 p.m.•48 views

CVE-2025-46635

An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker (who is authenticated to the guest Wi-Fi) to access resources on the router and/or resources and devices on other ne...

7.1CVSS6.8AI score0.00042EPSS

CVE•added 2025/05/01 8:15 p.m.•46 views

CVE-2025-46626

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service.

7.3CVSS6.6AI score0.0003EPSS