Tenda RX2 Pro Command Injection Vulnerability in Web Management Portal

Vulnerability

A command injection vulnerability has been identified in the 'setLanCfg' API endpoint of the Tenda RX2 Pro router running firmware version 16.03.30.14. An authorized remote attacker can gain a root shell on the device by sending a crafted web request through the web management portal. Because the injected value is written into the device's configuration, the command execution is persistent and survives reboots.

Impact

Exploitation of this vulnerability provides unauthorized root access to the device via a shell.

Reproduction

To reproduce this vulnerability, an authenticated user must send a crafted request to the 'setLanCfg' API endpoint. The injected command will be executed with root privileges and will persist across reboots by being saved in the device's configuration.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread         4.5
impact         7.5
exploitability 6.2
remediation    0.0
relevance      0.0
threat         6.4
urgency        2.9
incentive      0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.