CVE-2024-32307 identifies a stack overflow vulnerability in the Tenda FH1205 router firmware version 2.0.0.7(775). The vulnerability is triggered via the PPW parameter in the fromWizardHandle function, which is part of the router's firmware codebase. A stack overflow occurs when the input to this parameter exceeds the buffer size allocated on the stack, allowing an attacker to overwrite adjacent memory. This can lead to arbitrary code execution or control flow hijacking. The vulnerability is exploitable remotely over the network without requiring any authentication or user interaction, increasing its risk profile. The CVSS 3.1 score of 7.4 reflects a high severity, with attack vector being network (AV:N), attack complexity high (AC:H), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality (C:H) and integrity (I:H), but no impact on availability (A:N). The CWE classification is CWE-121, indicating a classic stack-based buffer overflow. No patches or official fixes have been published at the time of disclosure, and no known exploits have been detected in the wild. This vulnerability could allow attackers to gain unauthorized access to sensitive information or manipulate router configurations, potentially compromising the network environment.

The exploitation of this vulnerability could have severe consequences for organizations using the affected Tenda FH1205 routers. Attackers could remotely execute arbitrary code, leading to full compromise of the device's confidentiality and integrity. This could result in unauthorized access to network traffic, interception of sensitive data, or manipulation of router settings to facilitate further attacks such as man-in-the-middle, network eavesdropping, or lateral movement within the network. Although availability impact is not indicated, the loss of confidentiality and integrity alone can severely undermine network security. Given that no authentication or user interaction is required, attackers can exploit this vulnerability remotely, increasing the attack surface. Organizations relying on these routers, especially in critical infrastructure or enterprise environments, face heightened risks of data breaches and persistent network compromise if this vulnerability is exploited.

Since no official patches are currently available, organizations should implement immediate compensating controls. First, disable remote management interfaces on the Tenda FH1205 routers to reduce exposure to external attackers. Segment the network to isolate vulnerable devices from critical assets and limit lateral movement. Employ strict firewall rules to restrict access to the router's management ports and monitor network traffic for unusual patterns targeting the PPW parameter or related functions. Regularly audit router configurations and logs for signs of exploitation attempts. Consider replacing or upgrading affected devices to models with updated firmware once patches are released. Engage with Tenda support channels to obtain updates or workarounds. Additionally, implement network intrusion detection systems (NIDS) with signatures targeting stack overflow exploit attempts. Educate network administrators about this vulnerability and enforce strong network security hygiene to reduce risk.