CVE-2025-57573
📋 TL;DR
This vulnerability allows remote attackers to execute arbitrary code or cause denial of service on Tenda F3 routers via a buffer overflow in the wifiTimeClose parameter. Attackers can exploit this by sending specially crafted requests to the router's web interface. All users of affected Tenda F3 router versions are potentially impacted.
💻 Affected Systems
- Tenda F3
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete router compromise, network traffic interception, credential theft, and lateral movement to connected devices.
Likely Case
Router crash/reboot causing temporary network disruption, or limited code execution allowing configuration changes.
If Mitigated
Denial of service only if exploit attempts are blocked by network controls, with no code execution.
🎯 Exploit Status
Exploitation requires sending crafted HTTP requests to the router's web interface. No public exploit code is available at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Tenda for latest firmware updates
Vendor Advisory: http://tenda.com
Restart Required: Yes
Instructions:
1. Log into the Tenda router admin interface.
2. Navigate to System Tools > Firmware Upgrade.
3. Check for and install the latest firmware.
4. Reboot the router after the update.
🔧 Temporary Workarounds
- Disable remote management: prevent external access to the router web interface
- Restrict management interface access: limit web interface access to trusted IP addresses only
🧯 If You Can't Patch
- Isolate router on separate VLAN with strict firewall rules
- Disable unused features and services on the router
🔍 How to Verify
Check if Vulnerable:
Check router firmware version via admin interface. If version is V12.01.01.48_multi or later, it may be vulnerable.
Check Version:
Check via router web interface at System Status or similar section
Verify Fix Applied:
Verify firmware version after update is newer than V12.01.01.48_multi and test web interface functionality.
📡 Detection & Monitoring
Log Indicators:
- HTTP requests to /goform/setWifi with abnormal wifiTimeClose parameter values
- Router crash/reboot logs
Network Indicators:
- Unusual HTTP POST requests to router management interface
- Multiple connection attempts to router web port
SIEM Query:
source="router_logs" AND (uri="/goform/setWifi" OR message="buffer overflow" OR message="crash")
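The first log indicator above, as an added example that is not from the advisory or from Tenda: a filter that flags POSTs to /goform/setWifi whose wifiTimeClose value is overlong or carries non-printable bytes. The log line layout, the 32-character ceiling and the sample lines are assumptions constructed for illustration; adapt them to whatever proxy or IDS records request bodies in front of the router.

```python
from urllib.parse import parse_qs

ENDPOINT = "/goform/setWifi"  # path from the page's log indicators
PARAM = "wifiTimeClose"       # parameter named on the page
MAX_LEN = 32                  # assumption: site-chosen ceiling, not a vendor limit

def inspect_line(line, max_len=MAX_LEN):
    """Return the reasons a log line is suspicious; an empty list means clean."""
    parts = line.split(" ", 4)
    if len(parts) < 5:
        return []
    _ts, _src, method, target, body = parts
    path, _, query = target.partition("?")
    if method != "POST" or path != ENDPOINT:
        return []
    # The parameter may arrive in the query string or the form body; check both.
    # parse_qs percent-decodes, so lengths are measured on decoded values.
    params = parse_qs(query, keep_blank_values=True)
    for key, vals in parse_qs(body, keep_blank_values=True).items():
        params.setdefault(key, []).extend(vals)
    reasons = []
    for value in params.get(PARAM, []):
        if len(value) > max_len:
            reasons.append(f"length {len(value)} > {max_len}")
        if not (value.isascii() and value.isprintable()):
            reasons.append("non-printable or non-ASCII bytes")
    return reasons

def scan(lines, max_len=MAX_LEN):
    """Return (source_ip, reasons) for every flagged line, in input order."""
    hits = []
    for line in lines:
        reasons = inspect_line(line, max_len)
        if reasons:
            hits.append((line.split(" ", 2)[1], reasons))
    return hits

# Constructed sample lines (not real traffic): timestamp, source, method, target, body.
SAMPLE_LOG = [
    "2025-01-01T10:00:00Z 192.168.0.10 POST /goform/setWifi wifiEn=1&wifiTimeClose=1",
    "2025-01-01T10:00:05Z 192.168.0.77 POST /goform/setWifi wifiTimeClose=" + "A" * 300,
    "2025-01-01T10:00:09Z 192.168.0.77 POST /goform/setWifi wifiTimeClose=%00%01x",
    "2025-01-01T10:00:12Z 192.168.0.10 GET /index.html -",
]

if __name__ == "__main__":
    for src, reasons in scan(SAMPLE_LOG):
        print(src, "; ".join(reasons))
```

Tune the ceiling against values seen in normal administration of the device before alerting on it.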