CVE-2024-42945 is a stack-based buffer overflow vulnerability identified in the Tenda FH1201 router firmware version 1.2.0.14 (build 408). The vulnerability arises from improper handling of the 'page' parameter within the fromAddressNat function. When a specially crafted POST request is sent to the device, it triggers a stack overflow condition, causing the device to crash or reboot, resulting in a denial of service (DoS). The vulnerability does not require any privileges or user interaction, making it remotely exploitable by unauthenticated attackers with network access to the device's management interface. The flaw is categorized under CWE-121 (Stack-based Buffer Overflow), a common and critical class of memory corruption vulnerabilities. The CVSS v3.1 base score is 6.5, with an attack vector of adjacent network (AV:A), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and impact limited to availability (A:H). There are no known public exploits or patches available at this time. The lack of patches increases the risk for affected users until a fix is released. The vulnerability primarily affects the availability of the device, potentially disrupting network connectivity for users relying on the Tenda FH1201 router. Given the nature of the vulnerability, exploitation could be automated and integrated into scanning tools targeting vulnerable devices on local or adjacent networks.

The primary impact of CVE-2024-42945 is a denial of service condition on affected Tenda FH1201 routers, which can cause network outages for end-users and organizations relying on these devices. This disruption can affect home users, small businesses, or any environment where this router model is deployed. While the vulnerability does not compromise confidentiality or integrity, the loss of availability can interrupt business operations, degrade user experience, and potentially cause cascading effects if the router serves as a critical network gateway or firewall. In environments with multiple vulnerable devices, coordinated attacks could amplify the impact. The absence of authentication requirements and user interaction lowers the barrier for attackers, increasing the likelihood of exploitation in local or adjacent network scenarios. However, the attack vector is limited to adjacent networks, meaning remote exploitation over the internet is less likely unless the device management interface is exposed externally. Organizations may face increased support costs and reputational damage if service disruptions occur due to exploitation of this vulnerability.

To mitigate CVE-2024-42945, affected users should first verify if their Tenda FH1201 router is running the vulnerable firmware version 1.2.0.14 (408) and avoid using this version if possible. Since no official patches are currently available, users should implement network segmentation to restrict access to the router's management interface, limiting it to trusted devices and networks only. Disabling remote management features or restricting them via firewall rules can reduce exposure. Monitoring network traffic for unusual POST requests targeting the fromAddressNat function or the 'page' parameter may help detect attempted exploitation. Employing intrusion detection/prevention systems (IDS/IPS) with signatures for stack overflow attempts can provide additional protection. Users should regularly check for firmware updates from Tenda and apply patches promptly once released. As a temporary workaround, consider replacing vulnerable devices with alternative models or vendors that do not exhibit this vulnerability. Documenting and preparing incident response plans for potential DoS events related to this vulnerability is also recommended.