CVSS 3.1 Score 8.8 of 10 (high)


Published Mar 27, 2024
CWE ID 121


A critical vulnerability, identified as CVE-2024-2978, has been discovered in Tenda F1203 This vulnerability affects the formSetCfm function in the /goform/setcfm file and can result in a stack-based buffer overflow through manipulation of the funcpara1 argument. The exploit can be triggered remotely, posing significant danger to organizations. The vulnerability has been disclosed publicly, and although the vendor was informed, they did not respond. The associated identifier for this vulnerability is VDB-258147.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-2978 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options