2025-05-01 00:00:00
mitre
PUBLISHED
Lack of input validation/sanitization in the ate management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attacker to gain root shell access to the device by sending a crafted UDP packet to the ate service when it is enabled. Authentication is not needed.