Tenda F3
10 CVEs affecting Tenda F3. Latest disclosed: 2026-02-23. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-35391 | Critical | 9.6 | 2021-01-01 | Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly including an http_passwd line) via a direct request for cgi-… |
CVE-2026-27514 | Medium | 6.5 | 2026-02-23 | Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a sensitive information exposure vulnerability in the configuration download functionali… |
CVE-2026-27512 | Medium | 6.1 | 2026-02-23 | Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a content-type confusion vulnerability in the administrative interface. Responses omit t… |
CVE-2025-57573 | Medium | 5.6 | 2025-09-10 | Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi. |
CVE-2025-57572 | Medium | 5.6 | 2025-09-10 | Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl. |
CVE-2025-57571 | Medium | 5.6 | 2025-09-10 | Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parameter in goform/setNAT. |
CVE-2025-57570 | Medium | 5.6 | 2025-09-10 | Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS. |
CVE-2025-57569 | Medium | 5.6 | 2025-09-10 | Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT. |
CVE-2026-27513 | Medium | 4.3 | 2026-02-23 | Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a cross-site request forgery (CSRF) vulnerability in the web-based administrative interf… |
CVE-2026-27511 | Medium | 4.3 | 2026-02-23 | Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a clickjacking vulnerability in the web-based administrative interface. The interface do… |