CVE-2024-42977 is a stack-based buffer overflow vulnerability identified in the Tenda FH1206 router firmware version v02.03.01.35. The vulnerability arises from improper handling of the qos parameter within the fromqossetting function. When a specially crafted POST request is sent to the device, it triggers a stack overflow condition, leading to a denial of service by crashing or rebooting the router. The vulnerability does not require any authentication or user interaction, making it remotely exploitable by any attacker with network access to the device. The CVSS v3.1 base score is 7.5, reflecting high severity due to the ease of exploitation (network vector, no privileges required) and the impact on availability. The flaw is categorized under CWE-787 (Out-of-bounds Write), indicating that the overflow occurs due to writing outside the bounds of allocated memory on the stack. Currently, no patches or firmware updates have been released by Tenda to address this issue, and no known exploits have been reported in the wild. This vulnerability primarily affects the Tenda FH1206 router, a consumer-grade networking device commonly used in home and small office environments.

The primary impact of CVE-2024-42977 is a denial of service condition that can disrupt network connectivity by crashing or rebooting the affected Tenda FH1206 routers. This can lead to loss of internet access and interruption of business operations, especially for small businesses or home users relying on this device as their primary network gateway. While the vulnerability does not directly compromise confidentiality or integrity, the resulting service outage can affect availability critically. In environments where continuous network uptime is essential, such as remote work setups, VoIP communications, or IoT device management, this vulnerability poses a significant risk. Additionally, denial of service attacks can be used as a precursor or distraction for other malicious activities. The lack of authentication requirement and ease of exploitation increase the likelihood of opportunistic attacks, particularly in networks where these routers are exposed to untrusted networks or the internet.

Given the absence of an official patch, organizations should implement immediate compensating controls. First, restrict access to the router's management interface by limiting exposure to trusted internal networks only and blocking external access via firewall rules. Disable remote management features if enabled. Monitor network traffic for unusual POST requests targeting the qos parameter or abnormal router behavior such as unexpected reboots. Employ network segmentation to isolate vulnerable devices from critical infrastructure. Consider deploying intrusion detection/prevention systems (IDS/IPS) with custom signatures to detect exploitation attempts targeting this vulnerability. Where feasible, replace affected Tenda FH1206 routers with alternative devices from vendors with timely security update practices. Stay alert for firmware updates or advisories from Tenda and apply patches promptly once available. Additionally, maintain regular backups of router configurations to facilitate quick recovery after an incident.