CVE-2024-30639 identifies a stack overflow vulnerability in the Tenda F1202 router firmware version 1.2.0.20(408). The vulnerability resides in the fromAddressNat function, specifically in the processing of the 'page' parameter. A stack overflow occurs when the input to this parameter exceeds the expected bounds, leading to memory corruption. This can cause the router to crash or reboot, resulting in a denial of service (DoS) condition. The vulnerability is exploitable remotely from an adjacent network, meaning an attacker connected to the same local network segment or Wi-Fi could trigger the overflow without requiring authentication or user interaction. The CVSS 3.1 vector (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) reflects that the attack is of medium complexity, does not require privileges or user interaction, and impacts only availability. No confidentiality or integrity impact is noted. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow), a common and well-understood software weakness. As of the publication date, no patches or official fixes have been released, and no known exploits have been observed in the wild. The lack of a patch increases the risk of exploitation if attackers develop proof-of-concept code. The Tenda F1202 is a consumer-grade router, and its firmware version 1.2.0.20(408) is specifically affected, though the exact distribution of this version is not detailed. Network administrators should be aware of this vulnerability and take proactive steps to mitigate risk until a patch is available.

The primary impact of CVE-2024-30639 is a denial of service condition on affected Tenda F1202 routers, which can disrupt network connectivity for users relying on these devices. This can affect home users, small businesses, or branch offices using this router model. While the vulnerability does not allow for data theft or modification, the loss of availability can interrupt business operations, cause loss of productivity, and potentially impact critical services dependent on network access. In environments where these routers are used as part of larger network infrastructure, repeated or targeted exploitation could lead to network instability or outages. The medium CVSS score reflects the moderate risk, as exploitation requires network proximity and does not compromise confidentiality or integrity. However, the absence of authentication requirements and user interaction lowers the barrier for attackers with local network access. Organizations with remote management enabled on these devices may face increased risk if attackers can reach the management interface from adjacent networks. The lack of known exploits currently limits immediate widespread impact, but the vulnerability remains a concern until patched.

1. Restrict access to the router's management interface to trusted devices and networks only, preferably via VLAN segmentation or firewall rules limiting adjacent network access. 2. Disable remote management features if not required, especially those accessible from Wi-Fi or guest networks. 3. Monitor network traffic for unusual or malformed requests targeting the fromAddressNat function or the 'page' parameter to detect potential exploitation attempts. 4. Regularly check for firmware updates from Tenda and apply patches promptly once available. 5. Consider replacing affected devices with models from vendors with more frequent security updates if patching is delayed. 6. Implement network segmentation to isolate vulnerable devices from critical infrastructure. 7. Educate users about the risks of connecting untrusted devices to the local network, which could be used as a launch point for attacks. 8. Employ intrusion detection/prevention systems capable of recognizing buffer overflow attack patterns targeting network devices.