VYPR

RX2 Pro

by Tenda

CVEs (19)

  • CVE-2022-38831CriSep 16, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList

  • CVE-2022-38830CriSep 16, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setIPv6Status.

  • CVE-2022-38829CriSep 16, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setMacFilterCfg.

  • CVE-2025-46625HigMay 1, 2025
    risk 0.57cvss 8.8epss 0.01

    Lack of input validation/sanitization in the 'setLanCfg' API endpoint in httpd in the Tenda RX2 Pro 16.03.30.14 allows a remote attacker that is authorized to the web management portal to gain root shell access to the device by sending a crafted web request. This is persistent…

  • CVE-2024-10351HigOct 25, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer…

  • CVE-2024-10283HigOct 23, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack…

  • CVE-2024-10282HigOct 23, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The…

  • CVE-2024-10281HigOct 23, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch…

  • CVE-2025-46634HigMay 1, 2025
    risk 0.53cvss 8.2epss 0.00

    Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to authenticate to the web management portal by collecting credentials from observed/collected traffic. It implements encryption,…

  • CVE-2025-46633HigMay 1, 2025
    risk 0.53cvss 8.2epss 0.00

    Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic between the client and server by collecting the symmetric AES key from collected and/or observed traffic. The AES key in sent in…

  • CVE-2025-46627HigMay 1, 2025
    risk 0.53cvss 8.2epss 0.00

    Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to authenticate to the telnet service by calculating the root password based on easily-obtained device information. The password is based on the last two digits/octets of the MAC address.

  • CVE-2025-46628HigMay 1, 2025
    risk 0.48cvss 7.3epss 0.02

    Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attacker to gain root shell access to the device by sending a crafted UDP packet to the 'ate' service when it is enabled. Authentication is not…

  • CVE-2025-46626HigMay 1, 2025
    risk 0.47cvss 7.3epss 0.00

    Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service.

  • CVE-2025-46635HigMay 1, 2025
    risk 0.46cvss 7.1epss 0.00

    An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker (who is authenticated to the guest Wi-Fi) to access resources on the router and/or resources and…

  • CVE-2023-43886HigNov 7, 2023
    risk 0.46cvss 7.1epss 0.01

    A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.

  • CVE-2025-46631MedMay 1, 2025
    risk 0.43cvss 6.5epss 0.05

    Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable telnet access to the router's OS by sending a /goform/telnet web request.

  • CVE-2025-46632MedMay 1, 2025
    risk 0.42cvss 6.5epss 0.00

    Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server.

  • CVE-2025-46630MedMay 1, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a /goform/ate web request.

  • CVE-2025-46629MedMay 1, 2025
    risk 0.42cvss 6.5epss 0.01

    Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to perform unauthorized configuration changes for any router where 'ate' has been enabled by sending a crafted UDP packet