CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-46632

Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.2%

CVSS Severity

CVSS v3 Score 6.5

References

https://blog.uturn.dev/#/writeups/iot-village/tenda-rx2pro/README?id=cve-2025-46632-static-iv-use-in-httpd
https://www.tendacn.com/us/default.html

Products affected by CVE-2025-46632

Tenda » Rx2 Pro » Version: N/A

cpe:2.3:h:tenda:rx2_pro:-
Tenda » Rx2 Pro Firmware » Version: 16.03.30.14

cpe:2.3:o:tenda:rx2_pro_firmware:16.03.30.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-46632

Products

Pricing

Contact Us