CVE-2024-28325 identifies a security vulnerability in the Asus RT-N12+ B1 router, where user credentials are stored in cleartext within the device. This improper credential storage corresponds to CWE-256 (Plaintext Storage of a Password) and CWE-522 (Insufficiently Protected Credentials). Because credentials are not encrypted or hashed, a local attacker with limited privileges can retrieve these credentials, enabling unauthorized access to the router's administrative interface. Once accessed, the attacker can modify router settings, potentially redirecting traffic, disabling security features, or creating persistent backdoors. The vulnerability requires local access to the device and some user interaction, which limits remote exploitation but still poses a significant risk in environments where physical or local network access is possible. The CVSS 3.1 score of 6.1 reflects medium severity, with attack vector local (AV:L), low attack complexity (AC:L), low privileges required (PR:L), and user interaction required (UI:R). The impact is primarily on confidentiality (C:L) and integrity (I:H), with a low impact on availability (A:L). No patches or exploits are currently reported, but the vulnerability highlights a critical security design flaw in credential management for this router model.

The vulnerability could allow attackers with local access to extract cleartext credentials, leading to unauthorized administrative access to the router. This access can compromise network integrity by altering configurations, such as DNS settings, firewall rules, or firmware updates, potentially enabling man-in-the-middle attacks, data interception, or persistent network compromise. Confidentiality is impacted as credentials are exposed, and integrity is severely affected due to the ability to modify router settings. Availability impact is low but could occur if attackers disable network services. Organizations relying on Asus RT-N12+ B1 routers, especially in environments with shared physical or local network access, face increased risk of internal threats or lateral movement by attackers. The lack of remote exploitability reduces the threat surface but does not eliminate risk in multi-tenant or physically accessible environments.

1. Immediately restrict physical and local network access to the Asus RT-N12+ B1 routers to trusted personnel only. 2. Monitor and audit local access logs to detect unauthorized attempts to access router settings. 3. Change default credentials and use strong, unique passwords to reduce risk if credentials are exposed. 4. Disable unnecessary local management interfaces or services to minimize attack vectors. 5. If possible, replace affected devices with models that implement secure credential storage and encryption. 6. Regularly check Asus security advisories for patches or firmware updates addressing this vulnerability and apply them promptly once available. 7. Implement network segmentation to isolate critical devices and limit the impact of compromised routers. 8. Educate users and administrators about the risks of local access and the importance of physical security controls. 9. Consider deploying network intrusion detection systems to identify suspicious configuration changes or unauthorized access attempts.