CVE-2025-46635 – Tenda RX2 Pro Router Guest Wi-Fi Network Isolation Bypass

May 1, 2025

CVE ID : CVE-2025-46635

Published : May 1, 2025, 8:15 p.m. | 3 hours, 12 minutes ago

Description : An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker (who is authenticated to the guest Wi-Fi) to access resources on the router and/or resources and devices on other networks hosted by the router by configuring a static IP address (within the non-guest subnet) on their host.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-48905 – Sematell ReplyOne Authentication Bypass

Next Article CVE-2025-46634 – Tenda RX2 Pro Password Hash Replay Vulnerability

Highlights

CVE-2025-30131 – IROAD Dashcam FX2 Unauthenticated File Upload Command Execution

June 26, 2025

CVE ID : CVE-2025-30131

Published : June 26, 2025, 5:15 p.m. | 1 hour, 52 minutes ago

Description : An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can be leveraged to execute arbitrary commands by uploading a CGI-based webshell. Once a file is uploaded, the attacker can execute commands with root privileges, gaining full control over the dashcam. Additionally, by uploading a netcat (nc) binary, the attacker can establish a reverse shell, maintaining persistent remote and privileged access to the device. This allows complete device takeover.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-46635 – Tenda RX2 Pro Router Guest Wi-Fi Network Isolation Bypass

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-8178 – Tenda AC10 Heap-Based Buffer Overflow Vulnerability

“Am I crazy or is GPT-4.1 the best model for coding?” ChatGPT gets new models with exemplary web development capabilities — but OpenAI is under fire for allegedly skimming through safety processes

Agent mode 101: All about GitHub Copilot’s powerful mode

Le notizie minori del mondo GNU/Linux e dintorni della settimana nr 16/2025

CVE-2025-30131 – IROAD Dashcam FX2 Unauthenticated File Upload Command Execution

libpeer is a portable WebRTC library for IoT/embedded devices

Intelligent Agents with n8n: AI-Powered Automation

Elements of System Design

CVE-2025-46635 – Tenda RX2 Pro Router Guest Wi-Fi Network Isolation Bypass

Related Posts