Security Advisory

CVE-2025-46628

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-01 00:00:00

Last updated 2025-05-02 15:13:51

Assigner mitre

State PUBLISHED

Description

Lack of input validation/sanitization in the ate management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attacker to gain root shell access to the device by sending a crafted UDP packet to the ate service when it is enabled. Authentication is not needed.

← Browse all CVEs View on cve.org ↗