PT-2024-4602 · Asus · Asus Rt-N12+ B1

Published: 2024-03-08 · Updated: 2024-12-28 · CVE-2024-28326

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: ASUS RT-N12+ B1 (affected versions not specified); ASUS RT-N12 D1 (affected versions not specified)
Description: Insufficient access control on the UART interface in the firmware of these ASUS routers allows local attackers to gain unauthorized access to the root terminal, potentially giving them root access to the device.
Recommendations: For both ASUS RT-N12+ B1 and ASUS RT-N12 D1, restrict access to the UART interface until a patch is available. As a temporary workaround, consider disabling the UART interface on both models to minimize the risk of exploitation.

Weakness Enumeration

Improper Access Control
Incorrect Privilege Assignment

Related Identifiers

BDU:2024-05110
CVE-2024-28326

Affected Products

Asus Rt-N12+ B1