Every CVE whose affected-product data names Tenda F3 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2020-35391 — CVSS 9.6 (critical): Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly including an http_passwd line) via a…
CVE-2026-27514 — CVSS 6.5 (medium): Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a sensitive information exposure vulnerability in the configuration…
CVE-2026-27512 — CVSS 6.1 (medium): Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a content-type confusion vulnerability in the administrative…
CVE-2025-57571 — CVSS 5.6 (medium): Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parameter in goform/setNAT.
CVE-2025-57572 — CVSS 5.6 (medium): Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl.
CVE-2025-57573 — CVSS 5.6 (medium): Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi.
CVE-2025-57570 — CVSS 5.6 (medium): Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS.
CVE-2025-57569 — CVSS 5.6 (medium): Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT.
CVE-2026-27513 — CVSS 4.3 (medium): Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a cross-site request forgery (CSRF) vulnerability in the web-based…
CVE-2026-27511 — CVSS 4.3 (medium): Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a clickjacking vulnerability in the web-based administrative…