Home
About Us
Services
Application Security
Web Application Penetration Testing
API Penetration Testing
Mobile Application Penetration Testing​
Source Code Reviews
Threat Modeling
Architecture Reviews
Infrastructure Security
Internal Network Penetration Testing
External Network Penetration Testing
Active Directory Security Assessments
Wireless Network Penetration Testing
Host Reviews
Firewall Configuration Reviews
Cloud Security
Cloud Configuration Reviews
Cloud Penetration Testing
Adversary Simulations
Red Teaming
Purple teaming
OSINT
Phishing Simulations
DevSecOps
Container Security
Kubernetes configuration reviews
Other
Managed Vulnerability Scanning
PCI DSS Security Assessments
Hardware Security Assessments
Smart Contracts Security Assessments
Academy
Advisory
Blog
Media
Podcasts
Videos
Contact Us
Home
About Us
Services
Application Security
Web Application Penetration Testing
API Penetration Testing
Mobile Application Penetration Testing​
Source Code Reviews
Threat Modeling
Architecture Reviews
Infrastructure Security
Internal Network Penetration Testing
External Network Penetration Testing
Active Directory Security Assessments
Wireless Network Penetration Testing
Host Reviews
Firewall Configuration Reviews
Cloud Security
Cloud Configuration Reviews
Cloud Penetration Testing
Adversary Simulations
Red Teaming
Purple teaming
OSINT
Phishing Simulations
DevSecOps
Container Security
Kubernetes configuration reviews
Other
Managed Vulnerability Scanning
PCI DSS Security Assessments
Hardware Security Assessments
Smart Contracts Security Assessments
Academy
Advisory
Blog
Media
Podcasts
Videos
Contact Us

Asus RT N12 + B1's Insecure Credential Storage CVE-2024-28327

  • May 15, 2024
  • Hardware/IoT
  • Shravan Singh

A vulnerability has been identified in the Asus RT-N12+ B1, specifically related to how the router stores its sensitive information (passwords) in cleartext in its database. Users risk security threats as cleartext passwords are easily accessible/readable as they do not utilize encryption technology. Immediate action is recommended to address this critical flaw to enhance the router’s security.

Credentials Stored in Cleartext

ASUS RT-N300 B1 Firmware version 3.0.0.4.380.10931

Impact of the Vulnerability

Asus RT-N12+ B1 router stores credentials in cleartext, risking unauthorized access, router manipulation, and potential data exposure. Immediate action is essential for remediation.

Timeline:

  • Initial Contact: 21/2/2024 – Report submitted to Asus, outlining the vulnerability.
  • Follow-up Contact 2: 28/02/2024 – First follow-up communication with Asus.
  • Asus Revert Back: 05/03/2024 – Acknowledgment received from Asus. Asus has officially declared that the RT-N12+ B1 (RT-N300 B1) router has reached the end of its product life cycle. Consequently, firmware maintenance and updates for this model were discontinued years ago. This cessation of support leaves the device vulnerable to existing security flaws within its firmware. Asus has indicated that a beta version of the router’s firmware is now available for testing. These companies seek user feedback to evaluate if this beta version addresses any identified issues. The beta firmware can be accessed and reviewed via this link
  • Follow-up Contact 3: 01/04/2024 – Second follow-up communication with Asus.
  • Asus Revert Back: 01/04/2024 – Acknowledgment received from Asus.
  • Follow-up Contact 4: 02/04/2024 – Third follow-up communication with Asus.
  • Asus Revert Back: 12/04/2024 – Continued follow-up communication with Asus. Asus has indicated that upon examination, they’ve determined that the firmware size for this model is excessively large. The product has reached the end of its life cycle, posing challenges for ongoing maintenance. Additionally, they have provided a beta version of the router firmware and requested feedback on whether it effectively addresses the identified issues. You can access the beta firmware file through this link
tenable cve

CVE-2024-28325 – Tenable

Vulnerability Description:

The Asus RT-N12+ B1 router is susceptible to a critical security vulnerability known as “credentials stored in cleartext”. This flaw arises from the insecure practice of storing passwords in cleartext within the router’s database. Therefore, malicious actors can exploit this vulnerability to gain unauthorized access and manipulate the router’s login credentials.

Proof-of-Concept:

Asus router stores passwords in cleartext in its database, if an unauthorized individual obtains access to the router firmware/database. They can easily read the cleartext passwords and manipulate and gain access to the router.

Proof of concept
Mitigation

It is recommended to upgrade the firmware to the latest version.

TL;DR

Asus RT N12+ B1 router stores credentials in plaintext, posing a security risk. The vulnerability allows unauthorized access and manipulation of router login credentials. It is recommended to upgrade the firmware to the latest version.. 

Redfox Security is a diverse network of expert security consultants with a global mindset and a collaborative culture. If you are looking to improve your organization’s security posture, contact us today to discuss your security testing needs. Our team of security professionals can help you identify vulnerabilities and weaknesses in your systems and provide recommendations to remediate them.

Join us on our journey of growth and development by signing up for our comprehensive courses.

Recent Blog

July 23, 2024
Cyber Security Training
July 23, 2024
Introduction to Assembly Language
July 23, 2024
Asus RT N12 + B1’s Privilege Escalation CVE-2024-28326​

Follow Us

Youtube X-twitter Facebook Instagram Linkedin Github Medium

Delaware Office

Redfox Cyber Security Inc.
8 The Green, Ste. A, Dover,
Delaware 19901,
United States.

info@redfoxsec.com

Quick Menu

Legal

Newsletter

Success
Thank you! Form submitted successfully.
This field is required

©️2024 Redfox Cyber Security Inc. All rights reserved.