CVE-2024-42984 is a stack-based buffer overflow vulnerability identified in the Tenda FH1206 router firmware version v02.03.01.35. The vulnerability arises from improper handling of the 'page' parameter within the fromP2pListFilter function. When a specially crafted POST request is sent to the affected device, it triggers a stack overflow condition, leading to memory corruption that causes the router to crash or reboot unexpectedly, resulting in a Denial of Service (DoS). The vulnerability is remotely exploitable without requiring any authentication or user interaction, making it accessible to attackers with network access to the device. The flaw is categorized under CWE-121 (Stack-based Buffer Overflow), which is a common and critical class of memory corruption bugs. Although the impact is limited to availability disruption, the ease of exploitation and the potential for widespread impact on network infrastructure elevate the concern. No patches or official mitigations have been released by Tenda at the time of this report, and no active exploitation has been observed in the wild. The CVSS v3.1 base score is 6.5, reflecting medium severity due to the lack of confidentiality or integrity impact but high availability impact and low attack complexity.

The primary impact of this vulnerability is a Denial of Service condition on affected Tenda FH1206 routers. This can disrupt network connectivity for end-users or organizations relying on these devices, potentially causing downtime and loss of productivity. In environments where these routers serve critical roles, such as small office/home office (SOHO) networks or branch offices, the disruption could affect business operations and communications. Although the vulnerability does not allow for data theft or device takeover, repeated or targeted exploitation could be used as part of a larger attack strategy to degrade network infrastructure. The lack of authentication requirement means that attackers within network range or with remote access to the device's management interface can exploit this flaw. The absence of known exploits in the wild currently limits immediate risk, but the vulnerability remains a concern until patched.

Organizations should immediately identify and inventory all Tenda FH1206 routers in their environment. Network segmentation should be employed to isolate vulnerable devices from untrusted networks, reducing exposure. Access to the router's management interfaces should be restricted using firewall rules or VPNs to limit potential attackers. Monitoring network traffic for unusual POST requests targeting the 'page' parameter can help detect exploitation attempts. Since no official patch is available yet, consider temporary mitigations such as disabling remote management features or replacing affected devices with models from vendors with active security support. Stay informed by monitoring Tenda's security advisories and CVE databases for updates or patches. Implementing intrusion detection/prevention systems (IDS/IPS) with custom signatures targeting this vulnerability can provide additional protection. Finally, prepare incident response plans to quickly address potential DoS events caused by exploitation.