Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.1
Tenda F3 Wireless Router Firmware: Admin Interface Hack Risk
CVE-2026-27513
Summary
The Tenda F3 Wireless Router's web interface is not secure, allowing a hacker to trick an administrator into making unauthorized changes to the router's settings. This could lead to a security breach or disruptions to your network. Upgrade to a secure version of the firmware to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| tenda | f3_firmware | <= 12.01.01.55_multi | – |
Original title
Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a cross-site request forgery (CSRF) vulnerability in the web-based administrative interface. The interface does not implement ...
Original description
Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a cross-site request forgery (CSRF) vulnerability in the web-based administrative interface. The interface does not implement anti-CSRF protections, allowing an attacker to induce an authenticated administrator to submit state-changing requests, which can result in unauthorized configuration changes.
nvd CVSS3.1
4.3
nvd CVSS4.0
5.1
Vulnerability type
CWE-352
Cross-Site Request Forgery (CSRF)
- https://www.tendacn.com/product/F3 Product
- https://www.vulncheck.com/advisories/tenda-f3-csrf-in-web-management-interface Third Party Advisory
Published: 23 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026