Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic between the client and server by collecting the symmetric AES key from collected and/or observed traffic. The AES key in sent in cleartext in response to successful authentication. The IV is always EU5H62G9ICGRNI43.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tenda RX2 Pro 安全漏洞
Vulnerability Description
Tenda RX2 Pro是中国腾达(Tenda)公司的一款高性能WiFi 6信号放大器。 Tenda RX2 Pro 16.03.30.14版本存在安全漏洞,该漏洞源于web管理门户中敏感信息明文传输,可能导致解密客户端和服务器之间的流量。
CVSS Information
N/A
Vulnerability Type
N/A