ID

VAR-202505-1103


CVE

CVE-2025-46629


TITLE

Access control vulnerability in RX2 Pro firmware from Shenzhen Tenda Technology Co.,Ltd.

Trust: 0.8

sources: JVNDB: JVNDB-2025-005738

DESCRIPTION

Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to perform unauthorized configuration changes for any router where 'ate' has been enabled by sending a crafted UDP packet. RX2 Pro firmware from Shenzhen Tenda Technology Co.,Ltd. contains an access control vulnerability. Information may be obtained and information may be tampered with. Tenda RX2 Pro is a high-performance WiFi 6 signal amplifier from China's Tenda. Attackers can exploit this vulnerability to cause unauthorized configuration changes.

Trust: 2.16

sources: NVD: CVE-2025-46629 // JVNDB: JVNDB-2025-005738 // CNVD: CNVD-2025-13839

IOT TAXONOMY

category: ['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-13839

AFFECTED PRODUCTS

vendor: tenda model: rx2 pro scope: eq version: 16.03.30.14

Trust: 1.6

vendor: tenda model: rx2 pro scope: eq version: rx2 pro firmware 16.03.30.14

Trust: 0.8

vendor: tenda model: rx2 pro scope: eq version: -

Trust: 0.8

vendor: tenda model: rx2 pro scope: - version: -

Trust: 0.8

sources: CNVD: CNVD-2025-13839 // JVNDB: JVNDB-2025-005738 // NVD: CVE-2025-46629

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-46629
value: MEDIUM

Trust: 1.0

OTHER: JVNDB-2025-005738
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2025-13839
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2025-13839
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-46629
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.5
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-005738
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-13839 // JVNDB: JVNDB-2025-005738 // NVD: CVE-2025-46629

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.0

problemtype:Inappropriate access control (CWE-284) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-005738 // NVD: CVE-2025-46629

PATCH

title: Patch for Tenda RX2 Pro Access Control Error Vulnerability url: https://www.cnvd.org.cn/patchInfo/show/702411

Trust: 0.6

sources: CNVD: CNVD-2025-13839

EXTERNAL IDS

db: NVD id: CVE-2025-46629

Trust: 3.2

db: JVNDB id: JVNDB-2025-005738

Trust: 0.8

db: CNVD id: CNVD-2025-13839

Trust: 0.6

sources: CNVD: CNVD-2025-13839 // JVNDB: JVNDB-2025-005738 // NVD: CVE-2025-46629

REFERENCES

url: https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/readme?id=cve-2025-46629-lack-of-authentication-in-ate

Trust: 1.8

url: https://www.tendacn.com/us/default.html

Trust: 1.8

url: https://nvd.nist.gov/vuln/detail/cve-2025-46629

Trust: 1.4

sources: CNVD: CNVD-2025-13839 // JVNDB: JVNDB-2025-005738 // NVD: CVE-2025-46629

SOURCES

db: CNVD id: CNVD-2025-13839
db: JVNDB id: JVNDB-2025-005738
db: NVD id: CVE-2025-46629

LAST UPDATE DATE

2025-06-27T23:06:23.678000+00:00


SOURCES UPDATE DATE

db: CNVD id: CNVD-2025-13839 date: 2025-06-26T00:00:00
db: JVNDB id: JVNDB-2025-005738 date: 2025-05-28T04:48:00
db: NVD id: CVE-2025-46629 date: 2025-05-27T14:24:23.877

SOURCES RELEASE DATE

db: CNVD id: CNVD-2025-13839 date: 2025-06-26T00:00:00
db: JVNDB id: JVNDB-2025-005738 date: 2025-05-28T00:00:00
db: NVD id: CVE-2025-46629 date: 2025-05-01T20:15:38.660