CVE-2024-46046 identifies a stack overflow vulnerability in the RouteStatic function of the Tenda FH451 router firmware version 1.0.0.9. The vulnerability is classified under CWE-121, indicating a classic stack-based buffer overflow caused by improper input validation or bounds checking within the static routing functionality. Exploitation requires no privileges or user interaction and can be triggered remotely, as indicated by the CVSS vector (AV:A/AC:L/PR:N/UI:N). The primary impact is on availability, as successful exploitation can cause the device to crash or reboot, resulting in denial of service. The CVSS score of 6.5 reflects a medium severity, balancing the ease of exploitation and the limited impact scope (no confidentiality or integrity loss). No patches or known exploits have been reported at the time of publication, suggesting the vulnerability is newly disclosed. The affected device, Tenda FH451, is a consumer and small business router, which may be deployed in various regions worldwide. The lack of authentication requirement and remote attack vector makes this vulnerability a concern for network stability, especially in environments relying on these routers for critical connectivity. The absence of patch links highlights the need for vigilance and proactive mitigation by users and administrators.

The primary impact of CVE-2024-46046 is denial of service due to device crashes caused by the stack overflow in the RouteStatic function. Organizations relying on Tenda FH451 routers could experience network outages or degraded service availability, potentially disrupting business operations, communications, and access to internet resources. Although the vulnerability does not compromise confidentiality or integrity, the loss of availability can affect critical network infrastructure, especially in small to medium enterprises or home office environments where these routers are commonly used. The ease of remote exploitation without authentication increases the risk of automated attacks or scanning by malicious actors. However, the lack of known exploits in the wild currently limits immediate widespread impact. Still, the vulnerability could be leveraged in targeted attacks or as part of larger denial-of-service campaigns. The absence of patches means affected organizations must rely on network-level controls and monitoring until a firmware update is released.

1. Immediately restrict remote access to the Tenda FH451 router management interfaces, especially from untrusted networks. 2. Implement network segmentation to isolate affected routers from critical infrastructure and sensitive data systems. 3. Monitor network traffic for unusual patterns or repeated attempts to access routing functions that could indicate exploitation attempts. 4. Disable or limit static routing features if not required to reduce the attack surface. 5. Regularly check Tenda’s official channels for firmware updates or security advisories addressing this vulnerability. 6. Employ intrusion detection/prevention systems (IDS/IPS) with signatures or anomaly detection capabilities to identify potential exploitation attempts. 7. Consider replacing affected devices with alternative hardware if timely patches are not forthcoming and the risk is unacceptable. 8. Maintain up-to-date backups and incident response plans to quickly recover from potential denial-of-service impacts.