CVE-2025-46626
published 2025-05-01CVE-2025-46626: Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker…
high7.3CVSS 3.1
AVNACLPRNUINSUCLILAL
Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenda | rx2_pro_firmware | — | — |