PT-2024-5845 · Tenda · Tenda Fh1201

Published: 2024-08-15 · Updated: 2024-08-19 · CVE-2024-42945

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Tenda FH1201 version 1.2.0.14 (408)

Description

A stack overflow vulnerability exists in the fromAddressNat function of the Tenda FH1201 router's firmware and is associated with the page parameter. It can be exploited by sending a specially crafted POST request, potentially allowing a remote attacker to cause a Denial of Service (DoS).

Recommendations

For Tenda FH1201 version 1.2.0.14 (408), consider disabling the fromAddressNat function until a patch is available, to prevent exploitation via the page parameter in crafted POST requests. Restrict access to the vulnerable function to minimize the risk of a Denial of Service (DoS) attack. Avoid using the page parameter in the affected API endpoint until the issue is resolved.

Exploit

Fix

Memory Corruption

Stack Overflow

Weakness Enumeration

Related Identifiers

BDU:2024-06590
CVE-2024-42945

Affected Products

Tenda Fh1201