CVE-2024-42944: n/a
CVE-2024-42944 is a medium severity stack overflow vulnerability found in Tenda FH1201 firmware version 1. 2. 0. 14 (408). The flaw exists in the fromNatlimit function, specifically via the page parameter, allowing an unauthenticated remote attacker to send a crafted POST request that triggers a stack overflow. This can cause a denial of service (DoS) by crashing or destabilizing the device. No confidentiality or integrity impact is reported, and no user interaction or privileges are required to exploit this vulnerability. There are currently no known exploits in the wild and no official patches released. Organizations using Tenda FH1201 routers should monitor for updates and consider network-level mitigations to prevent exploitation.
AI Analysis
Technical Summary
CVE-2024-42944 is a stack-based buffer overflow vulnerability identified in the Tenda FH1201 router firmware version 1.2.0.14 (build 408). The vulnerability arises from improper handling of the 'page' parameter within the fromNatlimit function. An attacker can craft a specially formatted POST request targeting this parameter, which causes the function to overflow the stack buffer. This overflow leads to a denial of service condition by crashing the router or causing it to become unresponsive. The vulnerability does not require any authentication or user interaction, making it remotely exploitable over the network. The CVSS v3.1 base score is 6.5, reflecting a medium severity level due to the lack of confidentiality or integrity impact and the limited scope to availability disruption only. The weakness is classified under CWE-121 (Stack-based Buffer Overflow). Currently, no patches or official remediation guidance have been published by Tenda, and no active exploitation has been reported. The vulnerability affects a specific firmware version, and users should verify their device version to assess exposure.
Potential Impact
The primary impact of CVE-2024-42944 is the potential for denial of service on affected Tenda FH1201 routers. This can disrupt network connectivity for organizations relying on these devices, potentially causing downtime and loss of productivity. Since the vulnerability does not compromise confidentiality or integrity, the risk of data breach or manipulation is low. However, the loss of availability can affect business operations, especially in environments where these routers serve as critical network gateways or are deployed in large numbers. The ease of exploitation without authentication increases the risk of automated attacks or scanning by threat actors. Organizations with remote or unmanaged Tenda FH1201 devices are particularly vulnerable to network-based DoS attacks leveraging this flaw.
Mitigation Recommendations
To mitigate CVE-2024-42944, organizations should first verify if they are using the affected Tenda FH1201 firmware version 1.2.0.14 (408). If so, they should monitor Tenda’s official channels for patches or firmware updates addressing this vulnerability and apply them promptly once available. In the interim, network administrators can implement access control measures such as firewall rules to restrict inbound POST requests to the router’s management interface from untrusted networks. Disabling remote management or restricting it to trusted IP addresses can reduce exposure. Network segmentation can also limit the impact of a compromised or crashed router. Additionally, monitoring network traffic for unusual POST requests targeting the router may help detect exploitation attempts. Regularly backing up router configurations and having contingency plans for device replacement or reboot can minimize downtime if a DoS occurs.
Affected Countries
China, India, Russia, Brazil, United States, Indonesia, Vietnam, Thailand, Mexico, South Africa
CVE-2024-42944: n/a
Description
CVE-2024-42944 is a medium severity stack overflow vulnerability found in Tenda FH1201 firmware version 1. 2. 0. 14 (408). The flaw exists in the fromNatlimit function, specifically via the page parameter, allowing an unauthenticated remote attacker to send a crafted POST request that triggers a stack overflow. This can cause a denial of service (DoS) by crashing or destabilizing the device. No confidentiality or integrity impact is reported, and no user interaction or privileges are required to exploit this vulnerability. There are currently no known exploits in the wild and no official patches released. Organizations using Tenda FH1201 routers should monitor for updates and consider network-level mitigations to prevent exploitation.
AI-Powered Analysis
Technical Analysis
CVE-2024-42944 is a stack-based buffer overflow vulnerability identified in the Tenda FH1201 router firmware version 1.2.0.14 (build 408). The vulnerability arises from improper handling of the 'page' parameter within the fromNatlimit function. An attacker can craft a specially formatted POST request targeting this parameter, which causes the function to overflow the stack buffer. This overflow leads to a denial of service condition by crashing the router or causing it to become unresponsive. The vulnerability does not require any authentication or user interaction, making it remotely exploitable over the network. The CVSS v3.1 base score is 6.5, reflecting a medium severity level due to the lack of confidentiality or integrity impact and the limited scope to availability disruption only. The weakness is classified under CWE-121 (Stack-based Buffer Overflow). Currently, no patches or official remediation guidance have been published by Tenda, and no active exploitation has been reported. The vulnerability affects a specific firmware version, and users should verify their device version to assess exposure.
Potential Impact
The primary impact of CVE-2024-42944 is the potential for denial of service on affected Tenda FH1201 routers. This can disrupt network connectivity for organizations relying on these devices, potentially causing downtime and loss of productivity. Since the vulnerability does not compromise confidentiality or integrity, the risk of data breach or manipulation is low. However, the loss of availability can affect business operations, especially in environments where these routers serve as critical network gateways or are deployed in large numbers. The ease of exploitation without authentication increases the risk of automated attacks or scanning by threat actors. Organizations with remote or unmanaged Tenda FH1201 devices are particularly vulnerable to network-based DoS attacks leveraging this flaw.
Mitigation Recommendations
To mitigate CVE-2024-42944, organizations should first verify if they are using the affected Tenda FH1201 firmware version 1.2.0.14 (408). If so, they should monitor Tenda’s official channels for patches or firmware updates addressing this vulnerability and apply them promptly once available. In the interim, network administrators can implement access control measures such as firewall rules to restrict inbound POST requests to the router’s management interface from untrusted networks. Disabling remote management or restricting it to trusted IP addresses can reduce exposure. Network segmentation can also limit the impact of a compromised or crashed router. Additionally, monitoring network traffic for unusual POST requests targeting the router may help detect exploitation attempts. Regularly backing up router configurations and having contingency plans for device replacement or reboot can minimize downtime if a DoS occurs.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2024-08-05T00:00:00.000Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 699f6cd2b7ef31ef0b5694fa
Added to database: 2/25/2026, 9:42:42 PM
Last enriched: 2/26/2026, 7:39:24 AM
Last updated: 2/26/2026, 7:59:58 AM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2026-25191: Uncontrolled Search Path Element in Digital Arts Inc. FinalCode Ver.5 series
HighCVE-2026-23703: Incorrect default permissions in Digital Arts Inc. FinalCode Ver.5 series
HighCVE-2026-1311: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in bearsthemes Worry Proof Backup
HighFinding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary], (Tue, Feb 24th)
MediumCVE-2026-2506: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in motahar1 EM Cost Calculator
MediumActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.