CVE-2024-30600 identifies a stack overflow vulnerability in the Tenda FH1203 router firmware version 2.0.1.6. The vulnerability arises from improper bounds checking of the schedEndTime parameter in the setSchedWifi function, which manages scheduled Wi-Fi settings. This flaw corresponds to CWE-121, indicating a classic stack-based buffer overflow. An attacker with low-level privileges and authenticated access to the device's management interface can supply a specially crafted schedEndTime value to overflow the stack. This overflow can overwrite critical control data, potentially allowing arbitrary code execution or causing a denial of service by crashing the device. The CVSS v3.1 score of 8.0 reflects the vulnerability's high impact on confidentiality, integrity, and availability, with low attack complexity and no user interaction required. The attack vector is adjacent network (AV:A), meaning the attacker must have network access to the device management interface, and privileges required are low (PR:L). Currently, no public exploits or patches are available, increasing the urgency for defensive measures. This vulnerability affects a widely deployed consumer and small business router, making it a significant risk for network security.

The exploitation of CVE-2024-30600 can have severe consequences for organizations relying on the Tenda FH1203 router. Successful attacks can lead to full compromise of the device, allowing attackers to execute arbitrary code, manipulate network traffic, or disrupt network availability. This can result in unauthorized access to internal networks, interception or modification of sensitive data, and potential pivoting to other internal systems. The vulnerability threatens confidentiality, integrity, and availability simultaneously, increasing the risk of data breaches, service outages, and operational disruptions. Small and medium enterprises, home offices, and branch offices using this router model are particularly vulnerable. The lack of available patches and public exploits means organizations must proactively mitigate risk to prevent potential future exploitation. The impact extends to any environment where these routers are deployed, especially where network segmentation and access controls are weak.

1. Immediately restrict access to the router's management interface to trusted networks and users only, ideally via VPN or secure management VLANs. 2. Disable remote management features if not strictly necessary to reduce exposure. 3. Monitor vendor communications closely for firmware updates or patches addressing this vulnerability and apply them promptly once available. 4. Implement network segmentation to isolate vulnerable devices from critical infrastructure. 5. Employ intrusion detection/prevention systems to monitor for anomalous traffic patterns indicative of exploitation attempts targeting the setSchedWifi function. 6. Conduct regular audits of device configurations and access logs to detect unauthorized access. 7. Consider replacing affected devices with models from vendors with more robust security update practices if patching is delayed. 8. Educate network administrators about the specific risks of this vulnerability and the importance of limiting low-privilege authenticated access.