Tenda RX2 Pro Improper Network Isolation Vulnerability Allowing Unauthorized Access to Router Resources
Vulnerability
A vulnerability exists in the Tenda RX2 Pro router running firmware 16.03.30.14, due to inadequate network isolation between the guest Wi-Fi and other network interfaces. This flaw enables an authenticated attacker on the guest network to access the router's resources and devices on other networks managed by the router, by setting a static IP address within the non-guest subnet.
Impact
Exploitation of this vulnerability could lead to unauthorized access to router resources and devices on other networks hosted by the router.
Reproduction
To reproduce this vulnerability, connect to the guest Wi-Fi network on a Tenda RX2 Pro router with firmware 16.03.30.14. Once connected, configure a static IP address within the non-guest subnet. This will allow access to the router's resources and devices on other networks managed by the router.
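One way to detect the condition described above on a gateway or monitoring host that exposes a Linux-style neighbor table. This is an added example, not from the advisory or the vendor; the interface names, subnets and sample entries are assumptions constructed for illustration. It flags any host seen on the guest interface whose address lies outside the guest subnet.

```python
import ipaddress

# Assumed addressing plan (not from the advisory); adjust to the real configuration.
GUEST_IFACE = "br-guest"  # hypothetical guest bridge name
GUEST_NET = ipaddress.ip_network("192.168.2.0/24")
PROTECTED_NETS = {"lan": ipaddress.ip_network("192.168.0.0/24")}

# Constructed sample in `ip neigh show` format.
SAMPLE_NEIGH = """\
192.168.0.10 dev br-lan lladdr 02:00:00:00:00:01 REACHABLE
192.168.2.23 dev br-guest lladdr 02:00:00:00:00:02 STALE
192.168.0.77 dev br-guest lladdr 02:00:00:00:00:03 REACHABLE
192.168.2.40 dev br-guest  FAILED
fe80::1 dev br-guest lladdr 02:00:00:00:00:04 STALE
"""

def parse_neigh(text):
    """Yield (ip, iface, mac) for entries with a resolved link-layer address."""
    for line in text.splitlines():
        fields = line.split()
        if "dev" not in fields or "lladdr" not in fields:
            continue  # FAILED/INCOMPLETE entries carry no MAC
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not a neighbor entry
        iface = fields[fields.index("dev") + 1]
        mac = fields[fields.index("lladdr") + 1]
        yield ip, iface, mac

def find_isolation_violations(text):
    """Return guest-side hosts whose address is outside the guest subnet."""
    findings = []
    for ip, iface, mac in parse_neigh(text):
        # Legitimate guest clients and IPv6 link-local neighbors are ignored.
        if iface != GUEST_IFACE or ip.is_link_local or ip in GUEST_NET:
            continue
        # Name the protected network the address belongs to, if any.
        zone = next((n for n, net in PROTECTED_NETS.items() if ip in net), "unknown")
        findings.append({"ip": str(ip), "mac": mac, "claims_zone": zone})
    return findings

if __name__ == "__main__":
    for f in find_isolation_violations(SAMPLE_NEIGH):
        print(f"guest host {f['mac']} is using {f['ip']} (zone: {f['claims_zone']})")
```

On a correctly isolated network this list stays empty, because traffic from the guest interface with a non-guest source address is dropped before a neighbor entry is learned.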
