Home
About Us
Services
Academy
Advisory
Blog
Media
Contact Us
Home
About Us
Services
Academy
Advisory
Blog
Media
Contact Us

Asus RT N12 + B1’s CSV Injection CVE-2024-28328

  • May 7, 2024
  • Hardware
  • Shravan Singh

A vulnerability has been uncovered in the Asus RT N12+ B1 router, specifically related to CSV Injection. This flaw poses a significant threat to device security and the networks it serves. CSV Injection allows attackers to inject malicious commands into CSV files, potentially leading to unauthorized access, data manipulation, or system compromise.

Firmware

ASUS RT-N300 B1 Firmware version 3.0.0.4.380.10931

Impact of the Vulnerability

  • Attackers can execute arbitrary commands, compromising network integrity. 
  • Attackers may target other network-connected devices, amplifying the damage. 

Timeline

  • Initial Contact: 21/2/2024 – Report submitted to Asus, outlining the vulnerability.  
  • Follow-up Contact 2: 28/02/2024 – First follow-up communication with Asus.  
  • Asus Revert Back: 05/03/2024 – Acknowledgment received from Asus.  Asus has officially declared that the RT-N12+ B1 (RT-N300 B1) router has reached the end of its product life cycle. Consequently, firmware maintenance and updates for this model were discontinued years ago. This cessation of support leaves the device vulnerable to existing security flaws within its firmware. Asus has indicated that a beta version of the router’s firmware is now available for testing. They are seeking user feedback to ascertain if this beta version effectively addresses the identified issue. The beta firmware can be accessed and reviewed via the following link 
  • Follow-up Contact 3: 01/04/2024 – Second follow-up communication with Asus.
  • Follow-up Contact 4: 02/04/2024 – Third follow-up communication with Asus.  
  • Asus Revert Back: 12/04/2024 – Continued follow-up communication with Asus.  Asus has indicated that upon examination, they’ve determined that the firmware size for this model is excessively large, and the product has reached the end of its life cycle, posing challenges for ongoing maintenance. Additionally, they have provided a beta firmware version for the router firmware. They’ve requested feedback on whether the provided firmware effectively addresses the identified issues. You can access the beta firmware file through the following link  
  • Asus Revert Back: 01/04/2024 – Acknowledgment received from Asus.  

CVE-2024-28328 – Tenable

Vulnerability Description: CSV Injection in Asus RT N12 + B1 Router

CSV Injection vulnerabilities allow attackers to gain unwarranted access to sensitive information stored within networks. Attackers can compromise the router’s integrity, facilitating unauthorized network access and the execution of arbitrary commands. 

Proof-of-Concept: Exploiting Excel Formulas in Client Name Parameter

Exploiting the CSV Injection vulnerability enables attackers to inject malicious commands into CSV files, compromising network security. This could lead to data breaches, service outages, and regulatory non-compliance issues.

Proof of Attacks
Mitigation

The CSV Injection vulnerability is to validate user input and escape special characters when handling CSV files. If possible upgrade to the latest version.

Redfox Security is a diverse network of expert security consultants with a global mindset and a collaborative culture. If you are looking to improve your organization’s security posture, contact us today to discuss your security testing needs. Our team of security professionals can help you identify vulnerabilities and weaknesses in your systems and provide recommendations to remediate them.

Join us on our journey of growth and development by signing up for our comprehensive courses.

Recent Blog

August 06, 2024
Securing AWS: Importance of Penetration Testing & Best Practices
August 06, 2024
Process Injection: Harnessing the Power of Shellcode
August 06, 2024
Decoding the Mystery: Identifying Unlabelled UART Pins

Follow Us

Youtube X-twitter Facebook Instagram Linkedin Github Medium

Delaware Office

Redfox Cyber Security Inc.
8 The Green, Ste. A, Dover,
Delaware 19901,
United States.

info@redfoxsec.com

Quick Menu

Legal

Newsletter

Success
Thank you! Form submitted successfully.
This field is required

©️2024 Redfox Cyber Security Inc. All rights reserved.