CVE-2024-46546 is a high-severity vulnerability identified in the NEXTU FLETA AX1500 WIFI6 Router version 1.0.3. The vulnerability is a stack-based buffer overflow triggered via the 'url' parameter in the /boafrm/formFilter endpoint. Specifically, an attacker can send a crafted POST request with malicious input in the 'url' parameter, causing the router's firmware to overwrite memory on the stack. This leads to a Denial of Service (DoS) condition, where the device may crash or become unresponsive. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow), indicating that improper bounds checking allows the overflow. According to the CVSS v3.1 vector (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), the attack can be executed remotely over the network without any privileges or user interaction, making exploitation relatively straightforward. The impact includes limited confidentiality and integrity loss, but primarily affects availability by causing service disruption. No known exploits are currently reported in the wild, and no patches or vendor advisories have been published yet. The vulnerability was reserved in September 2024 and publicly disclosed in April 2025. The affected product is a consumer or small office/home office (SOHO) WiFi 6 router, which may be deployed in various environments requiring reliable network connectivity.

For European organizations, the primary impact of this vulnerability is the potential disruption of network connectivity due to router crashes. This can affect both home users and small to medium enterprises (SMEs) relying on the NEXTU FLETA AX1500 WIFI6 Router for internet access and internal network routing. A successful DoS attack could interrupt business operations, remote work, and access to cloud services, especially in environments with limited redundancy or alternative connectivity options. While the confidentiality and integrity impacts are limited, the availability impact can be significant, particularly for critical infrastructure sectors or businesses dependent on continuous network uptime. Additionally, if attackers leverage this vulnerability as part of a larger attack chain, it could facilitate further compromise or lateral movement. The lack of authentication and user interaction requirements increases the risk of automated exploitation attempts. European organizations with deployments of this router model should be aware of the potential for targeted or opportunistic attacks aiming to disrupt network services.

1. Network Segmentation: Isolate vulnerable routers from critical network segments to limit the impact of potential DoS attacks. 2. Access Control: Restrict access to the router's management interfaces and endpoints like /boafrm/formFilter by implementing firewall rules or network ACLs to allow only trusted IP addresses. 3. Monitoring and Detection: Deploy network monitoring tools to detect unusual POST requests or traffic patterns targeting the vulnerable endpoint, enabling rapid incident response. 4. Vendor Engagement: Engage with the router vendor or supplier to obtain firmware updates or patches addressing this vulnerability as soon as they become available. 5. Temporary Workarounds: If feasible, disable or restrict access to the affected endpoint (/boafrm/formFilter) via router configuration or web server settings to prevent exploitation. 6. Incident Response Preparedness: Prepare for potential DoS incidents by having failover internet connections or backup routers to minimize downtime. 7. Firmware Validation: Regularly verify router firmware integrity and update to the latest versions to reduce exposure to known vulnerabilities. 8. User Awareness: Educate network administrators about the vulnerability and encourage vigilance against suspicious network activity targeting routers.