CVE-2025-46635 – Tenda RX2 Pro Router Guest Wi-Fi Network Isolation Bypass

May 1, 2025

CVE ID : CVE-2025-46635

Published : May 1, 2025, 8:15 p.m. | 3 hours, 12 minutes ago

Description : An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker (who is authenticated to the guest Wi-Fi) to access resources on the router and/or resources and devices on other networks hosted by the router by configuring a static IP address (within the non-guest subnet) on their host.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-48905 – Sematell ReplyOne Authentication Bypass

Next Article CVE-2025-46634 – Tenda RX2 Pro Password Hash Replay Vulnerability

Highlights

CVE-2025-5477 – Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability

June 20, 2025

CVE ID : CVE-2025-5477

Published : June 21, 2025, 1:15 a.m. | 31 minutes ago

Description : Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability.

The specific flaw exists within the implementation of the Bluetooth L2CAP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the elysian-bt-service process. Was ZDI-CAN-26286.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Identify a Nap

Ambient Animations In Web Design: Principles And Implementation (Part 1)

Benchmarking AI-assisted developers (and their tools) for superior AI governance

Digital.ai launches White-box Cryptography Agent to enable stronger application security

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

How I Configure Polybar to Customize My Linux Desktop

How I Configure Polybar to Customize My Linux Desktop

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

CVE-2025-46635 – Tenda RX2 Pro Router Guest Wi-Fi Network Isolation Bypass

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-30515 – CyberData Intercom File Upload Vulnerability

Rilasciato Sculpt OS 25.04: Nuova Versione del Sistema Operativo Sicuro Basato su Genode

Infortrend EonStor CS4000B NAS Storage Price & Cost in India

Community News: Latest PECL Releases (05.06.2025)

CVE-2025-5477 – Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVE-2025-6885 – PHPGurukul Teachers Record Management System SQL Injection Vulnerability

CVE-2025-54427 – Polkadot Frontier EVM Gas Price Manipulation Denial-of-Service

How UX Mapping Unlocks Digestible, Actionable Research Insights

CVE-2025-46635 – Tenda RX2 Pro Router Guest Wi-Fi Network Isolation Bypass

Related Posts