CVE-2024-32315 identifies a stack-based buffer overflow vulnerability in the Tenda FH1202 router firmware version 1.2.0.14(408). The vulnerability arises from improper handling of the adslPwd parameter within the formWanParameterSetting function. When this parameter is processed, insufficient bounds checking allows an attacker with high privileges to overflow the stack, potentially overwriting adjacent memory. This can lead to arbitrary code execution or cause the device to crash, impacting availability. The vulnerability is remotely exploitable over the network without requiring user interaction, but it does require the attacker to have elevated privileges, such as authenticated access to the router's management interface. The CVSS v3.1 base score is 4.7, reflecting a medium severity level due to the combination of network attack vector, low complexity, but requiring privileges. The weakness corresponds to CWE-121 (Stack-based Buffer Overflow). No patches or known exploits have been reported yet, indicating this is a newly disclosed issue. The lack of available fixes means affected users must rely on mitigating controls until vendor updates are released.

The primary impact of this vulnerability is on the confidentiality, integrity, and availability of the affected Tenda FH1202 routers. An attacker with authenticated access could exploit the stack overflow to execute arbitrary code, potentially gaining control over the device or causing it to crash. This could disrupt network connectivity for end users or allow further lateral movement within a network. Although the CVSS score is medium, the requirement for high privileges limits the attack surface to insiders or attackers who have already compromised credentials. Organizations relying on these routers for WAN connectivity or as part of their network infrastructure could face service interruptions or unauthorized access if exploited. The absence of known exploits reduces immediate risk, but the vulnerability should be treated seriously given the potential for escalation and disruption.

To mitigate this vulnerability, organizations should immediately restrict access to the router's management interfaces, ensuring only trusted administrators can authenticate. Network segmentation and firewall rules should be applied to limit exposure of the device's management ports to untrusted networks. Monitoring for unusual activity or failed login attempts can help detect potential exploitation attempts. Until an official patch is released by Tenda, consider temporary measures such as disabling remote management features or replacing affected devices with models not impacted by this vulnerability. Regularly check for firmware updates from the vendor and apply them promptly once available. Additionally, enforce strong password policies and multi-factor authentication where possible to reduce the risk of credential compromise.