VYPR

F3

by Tenda

CVEs (9)

  • CVE-2026-22082HigJan 9, 2026
    risk 0.57cvss epss 0.00

    This vulnerability exists in Tenda wireless routers (300Mbps Wireless Router F3 and N300 Easy Setup Router) due to the use of login credentials as the session ID through its web-based administrative interface. A remote attacker could exploit this vulnerability by intercepting…

  • CVE-2026-22081HigJan 9, 2026
    risk 0.57cvss epss 0.00

    This vulnerability exists in Tenda wireless routers (300Mbps Wireless Router F3 and N300 Easy Setup Router) due to the missing HTTPOnly flag for session cookies associated with the web-based administrative interface. A remote at-tacker could exploit this vulnerability by…

  • CVE-2026-27514Feb 23, 2026
    risk 0.00cvss epss 0.00

    Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a sensitive information exposure vulnerability in the configuration download functionality. The configuration download response includes the router password and administrative password in plaintext. The…

  • CVE-2026-27513Feb 23, 2026
    risk 0.00cvss epss 0.00

    Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a cross-site request forgery (CSRF) vulnerability in the web-based administrative interface. The interface does not implement anti-CSRF protections, allowing an attacker to induce an authenticated…

  • CVE-2025-57571Sep 10, 2025
    risk 0.00cvss epss 0.00

    Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parameter in goform/setNAT.

  • CVE-2025-57572Sep 10, 2025
    risk 0.00cvss epss 0.00

    Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl.

  • CVE-2025-57569Sep 10, 2025
    risk 0.00cvss epss 0.00

    Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT.

  • CVE-2025-57570Sep 10, 2025
    risk 0.00cvss epss 0.00

    Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS.

  • CVE-2025-57573Sep 10, 2025
    risk 0.00cvss epss 0.00

    Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi.