Asus Routers Vulnerable to Critical Security Flaw: Firmware Updates Urged
Recently, seven models of Asus routers were found to have a high-risk security vulnerability, identified as CVE-2024-3080 (CVSS v3.1 score: 9.8 “Critical”), which is an authentication bypass flaw allowing remote threat actors to take control of the devices without authentication. Asus has since addressed this security flaw in a firmware update released in the past few days.
The security vulnerability primarily affects the following router models:
– XT8 (ZenWiFi AX XT8) – Mesh WiFi 6 system offering speeds of up to 6600 Mbps with tri-band coverage, AiMesh support, AiProtection Pro, seamless roaming, and parental controls.
– XT8_V2 (ZenWiFi AX XT8 V2) – Updated version of XT8 with similar features, enhanced performance, and stability.
– RT-AX88U – Dual-band WiFi 6 router with speeds of up to 6000 Mbps, featuring 8 LAN ports, AiProtection Pro, and adaptive QoS for gaming and streaming.
– RT-AX58U – Dual-band WiFi 6 router providing speeds of up to 3000 Mbps, supporting AiMesh, AiProtection Pro, and MU-MIMO for efficient multi-device connections.
– RT-AX57 – Dual-band WiFi 6 router designed for basic needs, offering speeds of up to 3000 Mbps, supporting AiMesh, and basic parental controls.
– RT-AC86U – Dual-band WiFi 5 router with speeds of up to 2900 Mbps, including AiProtection, adaptive QoS, and gaming acceleration.
– RT-AC68U – Dual-band WiFi 5 router providing speeds of up to 1900 Mbps, supporting AiMesh, AiProtection, and robust parental controls.
Following the disclosure of the security flaw, Asus advises users to promptly update their devices to the latest firmware versions provided on the Asus download portal (links for each model mentioned above), with firmware update instructions also available on the “FAQ” page. For users unable to immediately update the firmware, Asus recommends setting up more complex WiFi passwords (over 10 non-consecutive characters).
Moreover, Asus also recommends users to immediately disable internet access to the management interface, WAN remote access, port forwarding, DDNS, VPN servers, DMZ, and port triggers.
It is noteworthy that the newly released security firmware update also addresses another security vulnerability, CVE-2024-3079, a high severity (7.2) buffer overflow issue that requires administrator account access for exploitation. Additionally, researchers revealed another security vulnerability, CVE-2024-3912, a critical (9.8) arbitrary firmware upload flaw allowing remote threat actors to execute system commands on the device (CVE-2024-3912 affects multiple Asus router models).
The recommended solutions for each affected model are as follows:
– DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, DSL-N66U: Upgrade to firmware version 1.1.2.3_792 or higher.
– DSL-N12U_C1, DSL-N12U_D1, DSL-N14U, DSL-N14U_B1: Upgrade to firmware version 1.1.2.3_807 or higher.
– DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL-AC55U, DSL-AC56U: Upgrade to firmware version 1.1.2.3_999 or higher.
– DSL-N10_C1, DSL-N10_D1, DSL-N10P_C1, DSL-N12E_C1, DSL-N16P, DSL-N16U, DSL-AC52, DSL-AC55: Reached EoL date, recommended for replacement.
In the latest release of the download master version 3.1.0.114, Asus has addressed five medium to high severity issues involving arbitrary file uploads, operating system command injection, buffer overflows, reflected XSS, and stored XSS security problems. While these may not have the broad impact or severity of CVE-2024-3080, users are still advised to promptly upgrade their software to version 3.1.0.114 or higher for optimal security and protection.
For more information, please refer to: [Bleeping Computer – Asus Warns of Critical Remote Authentication Bypass on 7 Routers](https://www.bleepingcomputer.com/news/security/asus-warns-of-critical-remote-authentication-bypass-on-7-routers/).