CVE-2024-32311 identifies a stack overflow vulnerability in the Tenda FH1203 router firmware version 2.0.1.6. The vulnerability arises from improper handling of the adslPwd parameter within the formWanParameterSetting function. Specifically, the stack overflow occurs when this parameter is processed, potentially allowing an attacker to overwrite the stack memory. This can lead to a denial of service (DoS) condition by crashing the device or causing it to become unresponsive. The vulnerability does not appear to allow for code execution or privilege escalation, as indicated by the CVSS vector which shows no impact on confidentiality or integrity, only availability. The attack vector is adjacent network (AV:A), meaning the attacker must have access to the local network or a network segment where the device is reachable. No privileges or user interaction are required, making exploitation easier once access is gained. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow), a common and well-understood software weakness. As of the publication date, no patches or firmware updates have been released, and no exploits have been observed in the wild. The lack of patch availability increases the urgency for network-level mitigations and monitoring to prevent exploitation.

The primary impact of this vulnerability is on the availability of the affected Tenda FH1203 routers. Successful exploitation can cause the device to crash or reboot, resulting in network downtime and disruption of internet connectivity for users relying on these routers. This can affect both home users and small businesses that use this model. While the vulnerability does not compromise confidentiality or integrity, the denial of service can indirectly impact business operations, customer trust, and service continuity. In environments where these routers serve as critical network gateways, such disruption could have cascading effects on connected systems. The absence of known exploits reduces immediate risk, but the medium CVSS score and ease of exploitation (no authentication or user interaction required) mean attackers could develop exploits quickly once the vulnerability is publicly known. Organizations with large deployments of Tenda FH1203 routers or similar devices should consider this a moderate risk until patches are available.

1. Restrict network access to the router’s management interfaces, especially from untrusted or external networks, to reduce the attack surface. 2. Implement network segmentation to isolate vulnerable devices from critical infrastructure and sensitive data. 3. Monitor network traffic for unusual activity targeting the router’s management functions or the adslPwd parameter. 4. Use intrusion detection/prevention systems (IDS/IPS) with updated signatures to detect attempts to exploit stack overflow patterns. 5. Regularly check for firmware updates from Tenda and apply patches promptly once released. 6. Consider replacing affected devices with models from vendors with a stronger security track record if patching is delayed. 7. Educate network administrators about this vulnerability and encourage vigilance in monitoring router stability and logs. 8. Employ rate limiting or firewall rules to block suspicious requests targeting the vulnerable function. These steps go beyond generic advice by focusing on network-level controls and proactive monitoring tailored to this specific vulnerability.