Details of VAR-202403-1067

ID

VAR-202403-1067

CVE

CVE-2024-2978

TITLE

Shenzhen Tenda Technology Co.,Ltd. of f1203 Out-of-bounds write vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2024-016636

DESCRIPTION

A vulnerability classified as critical has been found in Tenda F1203 2.0.1.6. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258147. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of f1203 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the fact that the funcpara1 parameter of the formSetCfm method of the /goform/setcfm file fails to correctly verify the length of the input data. A remote attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Trust: 2.16

sources: NVD: CVE-2024-2978 // JVNDB: JVNDB-2024-016636 // CNVD: CNVD-2024-20297

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-20297

AFFECTED PRODUCTS

vendor:	tenda	model:	f1203	scope:	eq	version:	2.0.1.6	Trust: 1.6
vendor:	tenda	model:	f1203	scope:	eq	version:	f1203 firmware 2.0.1.6	Trust: 0.8
vendor:	tenda	model:	f1203	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	f1203	scope:	-	version:	-	Trust: 0.8

sources: CNVD: CNVD-2024-20297 // JVNDB: JVNDB-2024-016636 // NVD: CVE-2024-2978

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2024-2978
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2024-2978
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2024-016636
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2024-20297
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2024-2978
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2024-016636
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2024-20297
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2024-2978
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	JVNDB-2024-016636
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2024-20297 // JVNDB: JVNDB-2024-016636 // NVD: CVE-2024-2978 // NVD: CVE-2024-2978

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	CWE-787	Trust: 1.0
problemtype:	Stack-based buffer overflow (CWE-121) [ others ]	Trust: 0.8
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-016636 // NVD: CVE-2024-2978

PATCH

title:

Patch for Tenda F1203 formSetCfm method buffer overflow vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/544186

Trust: 0.6

sources: CNVD: CNVD-2024-20297

EXTERNAL IDS

db:	NVD	id:	CVE-2024-2978	Trust: 3.2
db:	VULDB	id:	258147	Trust: 1.8
db:	JVNDB	id:	JVNDB-2024-016636	Trust: 0.8
db:	CNVD	id:	CNVD-2024-20297	Trust: 0.6

sources: CNVD: CNVD-2024-20297 // JVNDB: JVNDB-2024-016636 // NVD: CVE-2024-2978

REFERENCES

url:	https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/f/f1203/formsetcfm.md	Trust: 1.8
url:	https://vuldb.com/?id.258147	Trust: 1.8
url:	https://vuldb.com/?submit.301029	Trust: 1.8
url:	https://vuldb.com/?ctiid.258147	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2024-2978	Trust: 0.8
url:	https://patchstack.com/database/vulnerability/oneclick-whatsapp-order/wordpress-oneclick-chat-to-order-plugin-1-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve	Trust: 0.6

sources: CNVD: CNVD-2024-20297 // JVNDB: JVNDB-2024-016636 // NVD: CVE-2024-2978

SOURCES

db:	CNVD	id:	CNVD-2024-20297
db:	JVNDB	id:	JVNDB-2024-016636
db:	NVD	id:	CVE-2024-2978

LAST UPDATE DATE

2025-01-19T23:24:26.171000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2024-20297	date:	2024-04-25T00:00:00
db:	JVNDB	id:	JVNDB-2024-016636	date:	2025-01-16T08:12:00
db:	NVD	id:	CVE-2024-2978	date:	2025-01-15T18:20:16.187

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2024-20297	date:	2024-04-19T00:00:00
db:	JVNDB	id:	JVNDB-2024-016636	date:	2025-01-16T00:00:00
db:	NVD	id:	CVE-2024-2978	date:	2024-03-27T14:15:13.267