CVSS 3.1 Score 8.8 of 10 (high)


Published Mar 26, 2024
Updated: Mar 27, 2024
CWE ID 121


CVE-2024-2903 is a critical vulnerability found in Tenda AC7, specifically in the GetParentControlInfo function of the file /goform/GetParentControlInfo. This vulnerability is classified as a stack-based buffer overflow and can be exploited remotely. The attack has been publicly disclosed, and the vendor has not responded to the disclosure. The vulnerability has a high base severity score of 8.8 and poses a potential danger to organizations as it can result in high impacts on confidentiality, integrity, and availability of the affected products. Remediation steps have not been provided in the available information.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-2903 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options