ID

VAR-202505-1101


CVE

CVE-2025-46634


TITLE

Vulnerability related to plaintext storage of important information in RX2 Pro firmware from Shenzhen Tenda Technology Co.,Ltd.

Trust: 0.8

sources: JVNDB: JVNDB-2025-005799

DESCRIPTION

Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to authenticate to the web management portal by collecting credentials from observed/collected traffic. The portal implements encryption, but not until after the user has transmitted the hash of their password in cleartext. The hash can be replayed to authenticate. The RX2 Pro firmware from Shenzhen Tenda Technology Co.,Ltd. contains a vulnerability related to plaintext storage of sensitive information. Information may be obtained and information may be tampered with. Tenda RX2 Pro is a high-performance WiFi 6 signal amplifier from China's Tenda. Tenda RX2 Pro has an information leakage vulnerability that can be exploited by attackers to collect credentials for authentication.

Trust: 2.16

sources: NVD: CVE-2025-46634 // JVNDB: JVNDB-2025-005799 // CNVD: CNVD-2025-09932

IOT TAXONOMY

category: ['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-09932

AFFECTED PRODUCTS

vendor: tenda model: rx2 pro scope: eq version: 16.03.30.14

Trust: 1.6

vendor: tenda model: rx2 pro scope: eq version: rx2 pro firmware 16.03.30.14

Trust: 0.8

vendor: tenda model: rx2 pro scope: eq version: -

Trust: 0.8

vendor: tenda model: rx2 pro scope: - version: -

Trust: 0.8

sources: CNVD: CNVD-2025-09932 // JVNDB: JVNDB-2025-005799 // NVD: CVE-2025-46634

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-46634
value: HIGH

Trust: 1.0

OTHER: JVNDB-2025-005799
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-09932
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-09932
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:L/AU:N/C:C/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-46634
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 4.2
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-005799
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-09932 // JVNDB: JVNDB-2025-005799 // NVD: CVE-2025-46634

PROBLEMTYPE DATA

problemtype:CWE-312

Trust: 1.0

problemtype:Plaintext storage of important information (CWE-312) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-005799 // NVD: CVE-2025-46634

PATCH

title: Patch for Tenda RX2 Pro Information Disclosure Vulnerability url: https://www.cnvd.org.cn/patchInfo/show/688166

Trust: 0.6

sources: CNVD: CNVD-2025-09932

EXTERNAL IDS

db: NVD id: CVE-2025-46634

Trust: 3.2

db: JVNDB id: JVNDB-2025-005799

Trust: 0.8

db: CNVD id: CNVD-2025-09932

Trust: 0.6

sources: CNVD: CNVD-2025-09932 // JVNDB: JVNDB-2025-005799 // NVD: CVE-2025-46634

REFERENCES

url:https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/readme?id=cve-2025-46634-transmission-of-plaintext-credentials-in-httpd

Trust: 1.8

url:https://www.tendacn.com/us/default.html

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2025-46634

Trust: 1.4

sources: CNVD: CNVD-2025-09932 // JVNDB: JVNDB-2025-005799 // NVD: CVE-2025-46634

SOURCES

db: CNVD id: CNVD-2025-09932
db: JVNDB id: JVNDB-2025-005799
db: NVD id: CVE-2025-46634

LAST UPDATE DATE

2025-05-30T23:17:22.520000+00:00


SOURCES UPDATE DATE

db: CNVD id: CNVD-2025-09932 date: 2025-05-16T00:00:00
db: JVNDB id: JVNDB-2025-005799 date: 2025-05-28T08:20:00
db: NVD id: CVE-2025-46634 date: 2025-05-27T14:18:00.567

SOURCES RELEASE DATE

db: CNVD id: CNVD-2025-09932 date: 2025-05-15T00:00:00
db: JVNDB id: JVNDB-2025-005799 date: 2025-05-28T00:00:00
db: NVD id: CVE-2025-46634 date: 2025-05-01T20:15:39.460