<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sun, 10 May 2026 13:07:18 +0000</lastBuildDate>
    <item>
      <title>f72f57aa-bfe6-42c9-b125-c4f7d0e047d6</title>
      <link>https://vulnerability.circl.lu/sighting/f72f57aa-bfe6-42c9-b125-c4f7d0e047d6/export</link>
      <description>{"uuid": "f72f57aa-bfe6-42c9-b125-c4f7d0e047d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46632", "type": "seen", "source": "https://t.me/cvedetector/24264", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46632 - Tenda RX2 Pro Cryptographic IV Reuse Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46632 \nPublished : May 1, 2025, 8:15 p.m. | 20\u00a0minutes ago \nDescription : Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:30.000000Z"}</description>
      <content:encoded>{"uuid": "f72f57aa-bfe6-42c9-b125-c4f7d0e047d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46632", "type": "seen", "source": "https://t.me/cvedetector/24264", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46632 - Tenda RX2 Pro Cryptographic IV Reuse Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46632 \nPublished : May 1, 2025, 8:15 p.m. | 20\u00a0minutes ago \nDescription : Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:30.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f72f57aa-bfe6-42c9-b125-c4f7d0e047d6/export</guid>
      <pubDate>Thu, 01 May 2025 23:12:30 +0000</pubDate>
    </item>
    <item>
      <title>fd7aa4bd-c088-4bd1-b0f7-41454b99af60</title>
      <link>https://vulnerability.circl.lu/sighting/fd7aa4bd-c088-4bd1-b0f7-41454b99af60/export</link>
      <description>{"uuid": "fd7aa4bd-c088-4bd1-b0f7-41454b99af60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46633", "type": "seen", "source": "https://t.me/cvedetector/24265", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46633 - Tenda RX2 Pro Information Leak\", \n  \"Content\": \"CVE ID : CVE-2025-46633 \nPublished : May 1, 2025, 8:15 p.m. | 20\u00a0minutes ago \nDescription : Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic between the client and server by collecting the symmetric AES key from collected and/or observed traffic. The AES key in sent in cleartext in response to successful authentication. The IV is always EU5H62G9ICGRNI43. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:31.000000Z"}</description>
      <content:encoded>{"uuid": "fd7aa4bd-c088-4bd1-b0f7-41454b99af60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46633", "type": "seen", "source": "https://t.me/cvedetector/24265", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46633 - Tenda RX2 Pro Information Leak\", \n  \"Content\": \"CVE ID : CVE-2025-46633 \nPublished : May 1, 2025, 8:15 p.m. | 20\u00a0minutes ago \nDescription : Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic between the client and server by collecting the symmetric AES key from collected and/or observed traffic. The AES key in sent in cleartext in response to successful authentication. The IV is always EU5H62G9ICGRNI43. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:31.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/fd7aa4bd-c088-4bd1-b0f7-41454b99af60/export</guid>
      <pubDate>Thu, 01 May 2025 23:12:31 +0000</pubDate>
    </item>
    <item>
      <title>bb676ff8-04b9-4bcb-98b3-fc20217c3040</title>
      <link>https://vulnerability.circl.lu/sighting/bb676ff8-04b9-4bcb-98b3-fc20217c3040/export</link>
      <description>{"uuid": "bb676ff8-04b9-4bcb-98b3-fc20217c3040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46634", "type": "seen", "source": "https://t.me/cvedetector/24266", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46634 - Tenda RX2 Pro Password Hash Replay Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46634 \nPublished : May 1, 2025, 8:15 p.m. | 20\u00a0minutes ago \nDescription : Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to authenticate to the web management portal by collecting credentials from observed/collected traffic. It implements encryption, but not until after the user has transmitted the hash of their password in cleartext. The hash can be replayed to authenticate. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:32.000000Z"}</description>
      <content:encoded>{"uuid": "bb676ff8-04b9-4bcb-98b3-fc20217c3040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46634", "type": "seen", "source": "https://t.me/cvedetector/24266", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46634 - Tenda RX2 Pro Password Hash Replay Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46634 \nPublished : May 1, 2025, 8:15 p.m. | 20\u00a0minutes ago \nDescription : Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to authenticate to the web management portal by collecting credentials from observed/collected traffic. It implements encryption, but not until after the user has transmitted the hash of their password in cleartext. The hash can be replayed to authenticate. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:32.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/bb676ff8-04b9-4bcb-98b3-fc20217c3040/export</guid>
      <pubDate>Thu, 01 May 2025 23:12:32 +0000</pubDate>
    </item>
    <item>
      <title>a5e419d6-a68d-483d-9e0f-4ee6f3e325c3</title>
      <link>https://vulnerability.circl.lu/sighting/a5e419d6-a68d-483d-9e0f-4ee6f3e325c3/export</link>
      <description>{"uuid": "a5e419d6-a68d-483d-9e0f-4ee6f3e325c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46635", "type": "seen", "source": "https://t.me/cvedetector/24267", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46635 - Tenda RX2 Pro Router Guest Wi-Fi Network Isolation Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-46635 \nPublished : May 1, 2025, 8:15 p.m. | 20\u00a0minutes ago \nDescription : An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker (who is authenticated to the guest Wi-Fi) to access resources on the router and/or resources and devices on other networks hosted by the router by configuring a static IP address (within the non-guest subnet) on their host. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:33.000000Z"}</description>
      <content:encoded>{"uuid": "a5e419d6-a68d-483d-9e0f-4ee6f3e325c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46635", "type": "seen", "source": "https://t.me/cvedetector/24267", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46635 - Tenda RX2 Pro Router Guest Wi-Fi Network Isolation Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-46635 \nPublished : May 1, 2025, 8:15 p.m. | 20\u00a0minutes ago \nDescription : An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker (who is authenticated to the guest Wi-Fi) to access resources on the router and/or resources and devices on other networks hosted by the router by configuring a static IP address (within the non-guest subnet) on their host. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:33.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a5e419d6-a68d-483d-9e0f-4ee6f3e325c3/export</guid>
      <pubDate>Thu, 01 May 2025 23:12:33 +0000</pubDate>
    </item>
    <item>
      <title>55a641ba-b540-42ce-a841-d6f1608b3487</title>
      <link>https://vulnerability.circl.lu/sighting/55a641ba-b540-42ce-a841-d6f1608b3487/export</link>
      <description>{"uuid": "55a641ba-b540-42ce-a841-d6f1608b3487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46630", "type": "seen", "source": "https://t.me/cvedetector/24273", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46630 - Tenda RX2 Pro Remote Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46630 \nPublished : May 1, 2025, 8:15 p.m. | 20\u00a0minutes ago \nDescription : Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a /goform/ate web request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:43.000000Z"}</description>
      <content:encoded>{"uuid": "55a641ba-b540-42ce-a841-d6f1608b3487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46630", "type": "seen", "source": "https://t.me/cvedetector/24273", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46630 - Tenda RX2 Pro Remote Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46630 \nPublished : May 1, 2025, 8:15 p.m. | 20\u00a0minutes ago \nDescription : Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a /goform/ate web request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:43.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/55a641ba-b540-42ce-a841-d6f1608b3487/export</guid>
      <pubDate>Thu, 01 May 2025 23:12:43 +0000</pubDate>
    </item>
    <item>
      <title>c344e60e-9bc9-4c97-8f9b-fcf6a523896b</title>
      <link>https://vulnerability.circl.lu/sighting/c344e60e-9bc9-4c97-8f9b-fcf6a523896b/export</link>
      <description>{"uuid": "c344e60e-9bc9-4c97-8f9b-fcf6a523896b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46630", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14490", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46630\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a /goform/ate web request.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T15:07:14.930Z\n\ud83d\udd17 References:\n1. https://www.tendacn.com/us/default.html\n2. https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46630-enable-ate-unauthenticated-through-httpd", "creation_timestamp": "2025-05-02T15:16:54.000000Z"}</description>
      <content:encoded>{"uuid": "c344e60e-9bc9-4c97-8f9b-fcf6a523896b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46630", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14490", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46630\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a /goform/ate web request.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T15:07:14.930Z\n\ud83d\udd17 References:\n1. https://www.tendacn.com/us/default.html\n2. https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46630-enable-ate-unauthenticated-through-httpd", "creation_timestamp": "2025-05-02T15:16:54.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c344e60e-9bc9-4c97-8f9b-fcf6a523896b/export</guid>
      <pubDate>Fri, 02 May 2025 15:16:54 +0000</pubDate>
    </item>
    <item>
      <title>a4e38f2a-af8b-42bc-90af-f4bd1b55a775</title>
      <link>https://vulnerability.circl.lu/sighting/a4e38f2a-af8b-42bc-90af-f4bd1b55a775/export</link>
      <description>{"uuid": "a4e38f2a-af8b-42bc-90af-f4bd1b55a775", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46631", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14491", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46631\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable telnet access to the router's OS by sending a /goform/telnet web request.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T15:05:39.836Z\n\ud83d\udd17 References:\n1. https://www.tendacn.com/us/default.html\n2. https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46631-enable-telnet-unauthenticated-through-httpd", "creation_timestamp": "2025-05-02T15:16:55.000000Z"}</description>
      <content:encoded>{"uuid": "a4e38f2a-af8b-42bc-90af-f4bd1b55a775", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46631", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14491", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46631\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable telnet access to the router's OS by sending a /goform/telnet web request.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T15:05:39.836Z\n\ud83d\udd17 References:\n1. https://www.tendacn.com/us/default.html\n2. https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46631-enable-telnet-unauthenticated-through-httpd", "creation_timestamp": "2025-05-02T15:16:55.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a4e38f2a-af8b-42bc-90af-f4bd1b55a775/export</guid>
      <pubDate>Fri, 02 May 2025 15:16:55 +0000</pubDate>
    </item>
    <item>
      <title>7c16741f-7375-4f71-95ac-f6bd96eb71c5</title>
      <link>https://vulnerability.circl.lu/sighting/7c16741f-7375-4f71-95ac-f6bd96eb71c5/export</link>
      <description>{"uuid": "7c16741f-7375-4f71-95ac-f6bd96eb71c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46632", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14492", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46632\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T15:04:06.366Z\n\ud83d\udd17 References:\n1. https://www.tendacn.com/us/default.html\n2. https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46632-static-iv-use-in-httpd", "creation_timestamp": "2025-05-02T15:16:56.000000Z"}</description>
      <content:encoded>{"uuid": "7c16741f-7375-4f71-95ac-f6bd96eb71c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46632", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14492", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46632\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T15:04:06.366Z\n\ud83d\udd17 References:\n1. https://www.tendacn.com/us/default.html\n2. https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46632-static-iv-use-in-httpd", "creation_timestamp": "2025-05-02T15:16:56.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7c16741f-7375-4f71-95ac-f6bd96eb71c5/export</guid>
      <pubDate>Fri, 02 May 2025 15:16:56 +0000</pubDate>
    </item>
    <item>
      <title>c767330e-e034-4bf6-b321-566cd74f0e05</title>
      <link>https://vulnerability.circl.lu/sighting/c767330e-e034-4bf6-b321-566cd74f0e05/export</link>
      <description>{"uuid": "c767330e-e034-4bf6-b321-566cd74f0e05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46633", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14496", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46633\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic between the client and server by collecting the symmetric AES key from collected and/or observed traffic. The AES key in sent in cleartext in response to successful authentication. The IV is always EU5H62G9ICGRNI43.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T14:59:18.138Z\n\ud83d\udd17 References:\n1. https://www.tendacn.com/us/default.html\n2. https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46633-transmission-of-plaintext-symmetric-key-in-httpd", "creation_timestamp": "2025-05-02T15:16:59.000000Z"}</description>
      <content:encoded>{"uuid": "c767330e-e034-4bf6-b321-566cd74f0e05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46633", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14496", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46633\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic between the client and server by collecting the symmetric AES key from collected and/or observed traffic. The AES key in sent in cleartext in response to successful authentication. The IV is always EU5H62G9ICGRNI43.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T14:59:18.138Z\n\ud83d\udd17 References:\n1. https://www.tendacn.com/us/default.html\n2. https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46633-transmission-of-plaintext-symmetric-key-in-httpd", "creation_timestamp": "2025-05-02T15:16:59.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c767330e-e034-4bf6-b321-566cd74f0e05/export</guid>
      <pubDate>Fri, 02 May 2025 15:16:59 +0000</pubDate>
    </item>
    <item>
      <title>744c6c44-8594-4efa-a4d0-52d52da1a45d</title>
      <link>https://vulnerability.circl.lu/sighting/744c6c44-8594-4efa-a4d0-52d52da1a45d/export</link>
      <description>{"uuid": "744c6c44-8594-4efa-a4d0-52d52da1a45d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46634", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14498", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46634\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to authenticate to the web management portal by collecting credentials from observed/collected traffic. It implements encryption, but not until after the user has transmitted the hash of their password in cleartext. The hash can be replayed to authenticate.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T14:56:33.145Z\n\ud83d\udd17 References:\n1. https://www.tendacn.com/us/default.html\n2. https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46634-transmission-of-plaintext-credentials-in-httpd", "creation_timestamp": "2025-05-02T15:17:01.000000Z"}</description>
      <content:encoded>{"uuid": "744c6c44-8594-4efa-a4d0-52d52da1a45d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46634", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14498", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46634\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to authenticate to the web management portal by collecting credentials from observed/collected traffic. It implements encryption, but not until after the user has transmitted the hash of their password in cleartext. The hash can be replayed to authenticate.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T14:56:33.145Z\n\ud83d\udd17 References:\n1. https://www.tendacn.com/us/default.html\n2. https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46634-transmission-of-plaintext-credentials-in-httpd", "creation_timestamp": "2025-05-02T15:17:01.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/744c6c44-8594-4efa-a4d0-52d52da1a45d/export</guid>
      <pubDate>Fri, 02 May 2025 15:17:01 +0000</pubDate>
    </item>
  </channel>
</rss>
