CVE Vulnerabilities

CVE-2025-46632

Reusing a Nonce, Key Pair in Encryption

Published: May 01, 2025 | Modified: May 27, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server.

Weakness

Nonces should be used for the present occasion and only once.

Affected Software

Name Vendor Start Version End Version
Rx2_pro_firmware Tenda 16.03.30.14 (including) 16.03.30.14 (including)

Potential Mitigations

References