CVE-2024-30632 identifies a stack overflow vulnerability in the Tenda FH1205 router firmware version 2.0.0.7(775). The vulnerability resides in the formWifiBasicSet function, which processes the security_5g parameter. A stack overflow occurs when this parameter is improperly handled, allowing an attacker to overwrite parts of the stack memory. This can lead to unpredictable behavior, primarily resulting in denial of service (DoS) conditions by crashing the router. The vulnerability does not affect confidentiality or integrity directly, as it does not provide code execution or data leakage capabilities based on current information. The attack vector is adjacent network (AV:A), meaning the attacker must be on the same local or wireless network segment as the device. No privileges are required (PR:N), and no user interaction is needed (UI:N), making exploitation relatively straightforward if network access is obtained. The CVSS v3.1 base score is 6.5, reflecting a medium severity level, primarily due to the impact on availability. The vulnerability is categorized under CWE-121, indicating a classic stack-based buffer overflow issue. No patches or official fixes have been released yet, and no known exploits have been reported in the wild. This vulnerability highlights the importance of secure input validation in embedded device firmware, especially in consumer-grade routers that are often exposed to local network threats.

The primary impact of CVE-2024-30632 is denial of service, where an attacker can crash the Tenda FH1205 router by sending a specially crafted request to the formWifiBasicSet function with a malicious security_5g parameter. This can disrupt network connectivity for all devices relying on the router, causing operational downtime and potential loss of productivity. Since the vulnerability requires local network access, the risk is higher in environments where network segmentation is weak or where guest or untrusted users have access to the same network segment. While the vulnerability does not directly compromise confidentiality or integrity, the resulting DoS can indirectly affect business operations and availability of critical services. Organizations using this router model in small office/home office (SOHO) or enterprise edge environments may face intermittent network outages if exploited. The absence of known exploits reduces immediate risk but also means attackers could develop exploits in the future. The lack of patches increases exposure duration, emphasizing the need for interim mitigations.

1. Restrict access to the router's management interface by implementing network segmentation and access control lists (ACLs) to limit who can reach the device on the local network. 2. Disable remote management features if enabled, to reduce exposure to adjacent network attackers. 3. Monitor network traffic for unusual or malformed requests targeting the formWifiBasicSet function or related management endpoints. 4. Regularly check for firmware updates from Tenda and apply patches promptly once available. 5. Consider replacing affected devices with models from vendors with a stronger security track record if patching is delayed. 6. Employ network intrusion detection systems (NIDS) capable of detecting buffer overflow exploit attempts or anomalous traffic patterns. 7. Educate users about the risks of connecting untrusted devices to the local network to reduce the attack surface. 8. Maintain backups of router configurations to enable quick recovery after a DoS event.