Tenda F3 Firmware vulnerabilities

CVE-2026-27514 [HIGH] CWE-201 CVE-2026-27514: Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a sensitive information expos Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a sensitive information exposure vulnerability in the configuration download functionality. The configuration download response includes the router password and administrative password in plaintext. The endpoint also omits appropriate Cache-Control directives, which can allow the r

CVE-2026-27512 [MEDIUM] CWE-79 CVE-2026-27512: Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a content-type confusion vuln Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a content-type confusion vulnerability in the administrative interface. Responses omit the X-Content-Type-Options: nosniff header and include attacker-influenced content that can be reflected into the response body. Under affected browser behaviors, MIME sniffing may cause the res

CVE-2026-27513 [MEDIUM] CWE-352 CVE-2026-27513: Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a cross-site request forgery Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a cross-site request forgery (CSRF) vulnerability in the web-based administrative interface. The interface does not implement anti-CSRF protections, allowing an attacker to induce an authenticated administrator to submit state-changing requests, which can result in unauthorized co

CVE-2026-27511 [MEDIUM] CWE-1021 CVE-2026-27511: Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a clickjacking vulnerability Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a clickjacking vulnerability in the web-based administrative interface. The interface does not set the X-Frame-Options header, allowing attacker-controlled sites to embed administrative pages in an iframe and trick an authenticated administrator into unintended interactions that

CVE-2025-57573 [MEDIUM] CWE-120 CVE-2025-57573: Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose paramet Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi.

CVE-2025-57572 [MEDIUM] CWE-120 CVE-2025-57572: Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl.

CVE-2025-57569 [MEDIUM] CWE-120 CVE-2025-57569: Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT.

CVE-2025-57571 [MEDIUM] CWE-120 CVE-2025-57571: Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parame Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parameter in goform/setNAT.

CVE-2025-57570 [MEDIUM] CWE-120 CVE-2025-57570: Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter in Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS.

CVE-2020-35391 [CRITICAL] CVE-2020-35391: Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly i Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly including an http_passwd line) via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg, a related issue to CVE-2017-14942. NOTE: the vulnerability report may suggest that either a ? character must be placed after the RouterCfm.cfg filename, or that the HT