CVE-2024-30591 identifies a stack overflow vulnerability in the Tenda FH1202 router firmware version 1.2.0.14(408). The vulnerability arises from improper handling of the 'time' parameter in the saveParentControlInfo function, which is likely part of the parental control feature. A stack overflow occurs when data exceeding the allocated buffer size is written to the stack, potentially overwriting the return address or other control data. This can allow an attacker to execute arbitrary code, cause denial of service, or crash the device. The vulnerability requires no authentication (PR:N) and no user interaction (UI:N), and can be exploited remotely (AV:A), increasing its risk profile. The CVSS v3.1 base score is 8.8, indicating a high severity with impacts on confidentiality, integrity, and availability (all rated high). The vulnerability is classified under CWE-121, a well-known category of stack-based buffer overflows. No patches or exploits are currently publicly available, but the absence of authentication and user interaction requirements makes this vulnerability a critical concern for affected networks. The Tenda FH1202 is a consumer and small office router, meaning exploitation could lead to network compromise, interception of traffic, or persistent device control.

The impact of CVE-2024-30591 is significant for organizations and individuals using the Tenda FH1202 router. Successful exploitation can lead to full compromise of the router, allowing attackers to intercept, modify, or disrupt network traffic, potentially leading to data breaches or network outages. The vulnerability affects confidentiality by enabling unauthorized access to sensitive data passing through the device, integrity by allowing manipulation of network communications, and availability by causing device crashes or persistent denial of service. Since the router is often deployed in home and small business environments, attackers could leverage compromised devices as footholds for lateral movement or as part of botnets. The lack of authentication and user interaction requirements increases the likelihood of exploitation, especially in environments where the device is exposed to untrusted networks or the internet. This can undermine organizational security postures and disrupt critical communications.

To mitigate CVE-2024-30591, organizations should first check for firmware updates from Tenda addressing this vulnerability and apply them promptly once available. In the absence of an official patch, network administrators should restrict access to the router's management interfaces by implementing network segmentation and firewall rules that limit remote access to trusted IP addresses only. Disabling parental control features or any related services that invoke the vulnerable function may reduce attack surface temporarily. Monitoring network traffic for unusual patterns or signs of exploitation attempts can help detect active attacks. Additionally, replacing affected devices with models from vendors with timely security support should be considered for long-term risk reduction. Employing intrusion detection/prevention systems (IDS/IPS) capable of identifying exploitation attempts targeting known stack overflow patterns can provide an additional layer of defense.