6.1
CVE-2024-28325
- EPSS 0.14%
- Veröffentlicht 26.04.2024 19:15:47
- Zuletzt bearbeitet 09.07.2026 01:18:57
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to obtain unauthorized access and modify router settings.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellerasus
≫
Produkt
rt-n12\+_b1
Default Statusunknown
Version
-
Status
affected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.041 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | 1.3 | 4.7 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L
|
CWE-256 Plaintext Storage of a Password
The product stores a password in plaintext within resources such as memory or files.
CWE-522 Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Credentials-Stored-in-Cleartext-CVE%E2%80%902024%E2%80%9028325