CVE-2024-42942 is a stack-based buffer overflow vulnerability identified in the Tenda FH1201 router firmware version 1.2.0.14 (build 408). The vulnerability resides in the frmL7ImForm function, where improper handling of the 'page' parameter in HTTP POST requests allows an attacker to overflow the stack. This can be exploited remotely without authentication or user interaction by sending a specially crafted POST request to the vulnerable router's web management interface. The overflow leads to a Denial of Service (DoS) condition, causing the device to crash or reboot, thereby disrupting network availability. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow). The CVSS v3.1 base score is 6.5, reflecting medium severity, with attack vector as adjacent network (AV:A), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and impact limited to availability (A:H). No known exploits have been reported in the wild, and no official patches have been released at the time of publication. The lack of authentication requirement and ease of exploitation increase the risk of automated or targeted attacks against exposed devices. This vulnerability primarily affects Tenda FH1201 routers running the specified firmware version, which are commonly used in residential and small office environments.

The primary impact of CVE-2024-42942 is a Denial of Service condition on affected Tenda FH1201 routers, which can disrupt network connectivity for users relying on these devices. This can lead to loss of internet access, interruption of business operations, and potential cascading effects on dependent systems and services. Since the vulnerability does not affect confidentiality or integrity, data theft or manipulation is not a direct concern. However, the availability impact can be significant in environments where these routers serve as critical network gateways. The ease of exploitation without authentication or user interaction increases the likelihood of automated attacks, especially if the device management interface is exposed to adjacent networks or the internet. Organizations with large deployments of these routers, or those in environments with limited network segmentation, face higher risks. Additionally, service providers or managed network operators using these devices may experience customer impact and reputational damage if exploited. The absence of patches at present means that mitigation relies on network controls and monitoring until updates are available.

1. Immediately restrict access to the router's management interface by limiting it to trusted internal networks only; disable remote management if enabled. 2. Implement network segmentation to isolate the router management interface from untrusted or public networks, reducing exposure to adjacent attackers. 3. Monitor network traffic for unusual or malformed POST requests targeting the router's web interface, which may indicate exploitation attempts. 4. Regularly check for firmware updates from Tenda and apply patches promptly once a fix for this vulnerability is released. 5. Consider deploying intrusion detection or prevention systems (IDS/IPS) with signatures or heuristics to detect exploitation attempts against this specific vulnerability. 6. If possible, replace affected devices with models that have received security updates or have a better security track record. 7. Educate network administrators about this vulnerability and the importance of securing device management interfaces. 8. Maintain backups of router configurations to enable quick recovery in case of device failure due to exploitation.