CVE-2025-57572

Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.6 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
mitreCNA
---
---
CISA-ADPADP
5.6 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
tendaf3_firmware
12.01.01.48
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tenda.com
https://github.com/arashiclustar/PingX-md/blob/main/F3/2025-57572/C.V.E-2025-57572.md