CVE-2024-42951 identifies a stack overflow vulnerability in the Tenda FH1201 router firmware version 1.2.0.14 (build 408). The flaw exists in the fromWizardHandle function, specifically in the processing of the mit_pptpusrpw parameter. An attacker can craft a malicious POST request containing a specially designed mit_pptpusrpw value that causes the router to overflow its stack buffer, leading to a denial of service condition by crashing or rebooting the device. This vulnerability is remotely exploitable without any authentication or user interaction, making it accessible to any attacker with network access to the device’s management interface. The CVSS v3.1 base score is 7.5, reflecting high severity due to ease of exploitation (network vector, low attack complexity, no privileges or user interaction required) and impact limited to availability (denial of service). The vulnerability is categorized under CWE-400, which relates to uncontrolled resource consumption leading to DoS. No patches or official fixes have been published at the time of disclosure, and no active exploits have been reported in the wild. The affected firmware version is specifically 1.2.0.14 (408), but the lack of broader version information suggests the need for further vendor confirmation. Given the nature of the flaw, attackers could disrupt network connectivity and availability for users relying on this router, potentially impacting business operations and home network stability.

The primary impact of CVE-2024-42951 is the disruption of network availability through denial of service attacks against Tenda FH1201 routers running the vulnerable firmware. Organizations and individuals using these routers may experience unexpected device crashes or reboots, leading to loss of internet connectivity and network services. This can affect business continuity, especially in environments where these routers serve as critical network gateways or are deployed in large numbers. Although the vulnerability does not directly compromise data confidentiality or integrity, the resulting downtime can hinder operations, delay communications, and increase support costs. In environments with limited redundancy or failover capabilities, the impact is more severe. Additionally, attackers could leverage this vulnerability as part of a broader attack strategy to cause disruption or distract from other malicious activities. The lack of authentication and user interaction requirements increases the risk of automated exploitation attempts once the vulnerability becomes widely known.

To mitigate CVE-2024-42951, organizations should first verify if they are using the Tenda FH1201 router with firmware version 1.2.0.14 (408). If so, immediate steps include restricting access to the router’s management interface by implementing network segmentation and firewall rules that limit access to trusted IP addresses only. Disabling remote management features or changing default management ports can reduce exposure. Monitoring network traffic for unusual POST requests targeting the mit_pptpusrpw parameter can help detect exploitation attempts. Since no official patch is currently available, contacting Tenda support for firmware updates or advisories is recommended. Where possible, consider upgrading to newer, supported router models or firmware versions that do not contain this vulnerability. Implementing network redundancy and failover mechanisms can minimize the operational impact of potential DoS events. Finally, maintain regular backups of router configurations and document recovery procedures to expedite restoration in case of device failure.