First published: Wed Mar 27 2024(Updated: )
A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. This affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258159. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Tenda FH1203 Firmware | =2.0.1.6 | |
Tenda FH1203 Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-2990 is classified as a critical vulnerability.
To fix CVE-2024-2990, update the Tenda FH1203 firmware to a secure version above 2.0.1.6.
CVE-2024-2990 is a stack-based buffer overflow vulnerability.
Yes, CVE-2024-2990 can be exploited remotely due to its nature.
CVE-2024-2990 affects Tenda FH1203 devices running firmware version 2.0.1.6.