CVE-2024-2989

CVSS 3.1 Score 10.0 of 10 (high)

Details

Published Mar 27, 2024
Updated: May 17, 2024
CWE ID 77

Summary

CVE-2024-2589 is a critical buffer overflow vulnerability affecting the Tenda FH1203 2.0.1.6 firmware. The issue lies within the fromNatStaticSetting function of the NatStaticSetting file, where manipulation of the page argument leads to stack overflow. This vulnerability can be exploited remotely, and an exploit has been disclosed to the public. The vendor, Tenda, was notified about this disclosure but did not respond, leaving affected devices at risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share