CVE-2024-32302 identifies a stack-based buffer overflow vulnerability in the Tenda FH1202 router firmware version 1.2.0.14(408). The vulnerability arises from improper handling of the PPW parameter within the fromWizardHandle function, which does not adequately validate input size or bounds, leading to a stack overflow condition (CWE-121). This flaw can be exploited remotely over the network (AV:N) with low attack complexity (AC:L) but requires low-level privileges (PR:L) and no user interaction (UI:N). The vulnerability affects the confidentiality, integrity, and availability of the device, potentially allowing an attacker to execute arbitrary code or cause a denial of service by crashing the device. The scope is unchanged (S:U), meaning the impact is limited to the vulnerable component. The CVSS v3.1 base score is 6.3, indicating medium severity. No public exploit code or patches are currently available, but the vulnerability poses a risk to networks using this router model, especially if exposed to untrusted networks or if administrative access controls are weak. The lack of patches necessitates proactive mitigation until official fixes are released.

The vulnerability could allow an attacker with network access and low privileges to exploit the stack overflow to disrupt router operations or execute arbitrary code, potentially leading to denial of service or unauthorized control over the device. This can compromise the confidentiality and integrity of network traffic passing through the router and affect the availability of network services. Organizations relying on Tenda FH1202 routers for critical network infrastructure may experience service outages or data breaches. The impact is particularly significant in environments where these routers are exposed to untrusted networks or where administrative interfaces are insufficiently protected. Although no known exploits exist in the wild, the vulnerability could be targeted by attackers seeking to pivot into internal networks or disrupt operations.

1. Immediately restrict network access to the router’s management interfaces, limiting it to trusted IP addresses or internal networks only. 2. Disable any unnecessary services or remote management features on the Tenda FH1202 device to reduce the attack surface. 3. Monitor network traffic and device logs for unusual activity that may indicate exploitation attempts. 4. Implement network segmentation to isolate vulnerable devices from critical infrastructure. 5. Regularly check for firmware updates from Tenda and apply patches promptly once available. 6. Consider replacing affected devices with models from vendors with a stronger security track record if patches are delayed. 7. Employ intrusion detection/prevention systems (IDS/IPS) to detect anomalous packets targeting the PPW parameter or related functions. 8. Educate network administrators about the vulnerability and enforce strong authentication and access control policies.