CVE Catalog

CVE-2025-57569

MediumCVSS 5.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.19%

9th percentile - higher than 9% of all known CVEs

Summary

A buffer overflow vulnerability has been discovered in the Tenda F3 router version V12.01.01.48_multi and later. The issue resides in the portList parameter of the /goform/setNAT endpoint.

Risk Assessment

An attacker can remotely crash the device or potentially execute arbitrary code, leading to full compromise of the router and network security.

Recommendation

Immediately update the Tenda F3 firmware to the latest patched version if available. Restrict management interface access to trusted networks as a temporary mitigation.

Original NVD description (English source)

Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS