CVE-2025-46626 – Tenda RX2 Pro AES Key Reuse Vulnerability

May 1, 2025

CVE ID : CVE-2025-46626

Published : May 1, 2025, 8:15 p.m. | 3 hours, 12 minutes ago

Description : Reuse of a static AES key and initialization vector for encrypted traffic to the ‘ate’ management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46627 – Tenda RX2 Pro Weak Credential Vulnerability

Next Article CVE-2025-46625 – Tenda RX2 Pro HTTPd Command Injection Vulnerability

Highlights

CVE-2023-7303 – Q2Apro Q2Apro-On-Site-Notifications Cross Site Scripting Vulnerability

May 7, 2025

CVE ID : CVE-2023-7303

Published : May 7, 2025, 10:15 p.m. | 1 hour, 21 minutes ago

Description : A vulnerability, which was classified as problematic, was found in q2apro q2apro-on-site-notifications up to 1.4.6. This affects the function process_request of the file q2apro-onsitenotifications-page.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.8 is able to address this issue. The patch is named 0ca85ca02f8aceb661e9b71fd229c45d388ea5b5. It is recommended to upgrade the affected component.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Modernizing your approach to governance, risk and compliance

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

What I Wish Someone Told Me When I Was Getting Into ARIA

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Sam Altman says OpenAI could need a “significant fraction” of the Earth’s power for future artificial intelligence computing

Microsoft’s Windows 95 testing phase was so intense that it crashed cash registers with over $10,000 worth of software

The biggest rival for Microsoft’s Xbox Ally is Valve’s Steam Deck, not Switch 2, so stop comparing the wrong gaming handhelds

Microsoft Copilot for Power Platform

Microsoft Copilot for Power Platform

Integrate Coveo Atomic CLI-Based Hosted Search Page into Adobe Experience Manager (AEM)

Mastering TypeScript: Your Ultimate Guide to Types, Inference & Compatibility

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Sam Altman says OpenAI could need a “significant fraction” of the Earth’s power for future artificial intelligence computing

Microsoft’s Windows 95 testing phase was so intense that it crashed cash registers with over $10,000 worth of software

CVE-2025-46626 – Tenda RX2 Pro AES Key Reuse Vulnerability

CISA Flags CVE-2023-0386 as Actively Exploited Linux Kernel Privilege Escalation Threat

Linux-lek geeft aanvaller roottoegang: “organisaties moeten meteen patchen”

Google DeepMind at ICML 2024

Panda3DS is an Nintendo 3DS emulator

60% of AI agents work in IT departments – here’s what they do every day

SlugChess – chess with Fog-of-War and shuffled officers

CVE-2023-7303 – Q2Apro Q2Apro-On-Site-Notifications Cross Site Scripting Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-5616 – PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE-2025-22882 – Delta Electronics ISPSoft Buffer Overflow

CVE-2025-46626 – Tenda RX2 Pro AES Key Reuse Vulnerability

Related Posts