CVE-2024-42955 is a stack-based buffer overflow vulnerability identified in the Tenda FH1201 router firmware version 1.2.0.14 (build 408). The flaw exists in the fromSafeClientFilter function, specifically in the handling of the 'page' parameter received via POST requests. An attacker can craft a malicious POST request with a specially designed 'page' parameter that overflows the stack buffer, leading to a denial of service (DoS) by crashing the router or causing it to become unresponsive. The vulnerability does not require any privileges or user interaction, making it remotely exploitable by unauthenticated attackers over the network. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow), a common and well-understood software weakness. The CVSS v3.1 score of 6.5 reflects the medium severity, with attack vector being adjacent network (AV:A), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and impact limited to availability (A:H) without affecting confidentiality or integrity. Currently, there are no known public exploits or patches available, which suggests that exploitation in the wild is not yet observed but remains a potential risk. The affected device is a consumer-grade router commonly used in home and small office environments, which could be targeted to disrupt network connectivity or as part of a larger attack chain.

The primary impact of CVE-2024-42955 is denial of service, which can disrupt network availability for users relying on the Tenda FH1201 router. This can lead to loss of internet connectivity, interruption of business operations, and potential downtime for critical services dependent on the affected network. While the vulnerability does not allow data theft or modification, the loss of availability can be significant for small businesses, remote workers, and home users. In larger organizational contexts, if these routers are deployed at branch offices or remote sites, the DoS could hinder communication and operational continuity. Additionally, denial of service conditions can be leveraged as part of multi-stage attacks or to distract security teams while other attacks are conducted. The lack of authentication requirement and ease of exploitation increase the risk of automated or opportunistic attacks, especially in environments where these routers are exposed to untrusted networks or the internet.

To mitigate CVE-2024-42955, organizations should first check for firmware updates from Tenda and apply any patches once available. In the absence of official patches, network administrators should implement network-level protections such as firewall rules to restrict access to the router's management interfaces, especially blocking POST requests or traffic containing suspicious 'page' parameters from untrusted sources. Segmentation of the network to isolate the router from direct exposure to the internet or untrusted networks can reduce attack surface. Monitoring network traffic for anomalous POST requests targeting the router may help detect exploitation attempts. Additionally, consider deploying intrusion detection/prevention systems (IDS/IPS) with signatures or heuristics to detect buffer overflow attempts. Regularly auditing device configurations and limiting administrative access to trusted personnel can further reduce risk. Finally, organizations should plan for incident response procedures to quickly recover from potential DoS events caused by exploitation of this vulnerability.