The vulnerability identified as CVE-2024-30601 affects the Tenda FH1203 router running firmware version 2.0.1.6. It is a stack-based buffer overflow (CWE-121) occurring in the saveParentControlInfo function, specifically related to the handling of the time parameter. A stack overflow arises when the input exceeds the allocated buffer size on the call stack, potentially overwriting return addresses or control data, enabling arbitrary code execution. The CVSS v3.1 score of 8.0 reflects the high impact and relatively low attack complexity. The attack vector is adjacent network (AV:A), meaning the attacker must have access to the local network or be able to send packets to the device. The attack complexity is low (AC:L), requiring no special conditions beyond network access. Privileges required are low (PR:L), indicating the attacker needs limited access, such as a guest or authenticated user with minimal rights. No user interaction is needed (UI:N), and the scope is unchanged (S:U), meaning the vulnerability affects only the vulnerable component. The impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H), indicating full compromise potential. No patches or exploits are currently available, but the vulnerability is publicly disclosed and should be considered critical for affected users. The flaw could be exploited to execute arbitrary code, potentially allowing attackers to control the router, intercept or manipulate traffic, disrupt network connectivity, or pivot to other internal systems.

The exploitation of this vulnerability can have severe consequences for organizations relying on Tenda FH1203 routers. Attackers could gain full control over the device, leading to interception or manipulation of sensitive network traffic, disruption of internet connectivity, or use of the router as a foothold for further attacks within the internal network. This could compromise the confidentiality of communications, integrity of data, and availability of network services. Small and medium enterprises, home users, and branch offices using this router model are particularly at risk. The lack of a patch increases exposure time, and the low complexity of exploitation means attackers with network access can leverage this vulnerability easily. Additionally, compromised routers could be enlisted into botnets or used for launching distributed denial-of-service (DDoS) attacks, amplifying the threat beyond the immediate victim. The vulnerability also poses risks to supply chain security if these devices are deployed in critical infrastructure or managed service provider environments.

Organizations should immediately restrict access to the management interfaces of Tenda FH1203 routers to trusted networks and users only, employing network segmentation to isolate vulnerable devices from untrusted or guest networks. Disable or limit remote management features if enabled. Monitor network traffic for unusual patterns that may indicate exploitation attempts. Since no official patches are currently available, consider temporary mitigation by disabling parental control features or any functionality invoking the vulnerable saveParentControlInfo function if possible. Employ strong authentication mechanisms and change default credentials to reduce the risk of unauthorized access. Regularly check for firmware updates from Tenda and apply them promptly once released. Additionally, implement network intrusion detection systems (NIDS) capable of detecting exploit attempts targeting this vulnerability. For critical environments, consider replacing affected devices with models from vendors with more robust security track records until a patch is available.