ASUS Issues Critical Firmware Update For 19 Router Models, Update ASAP
Earlier this week, ASUS pushed a firmware update for 19 of the company’s routers which fixed nine different CVEs and enhanced security across the board. While updating your routers, ASUS also recommends that owners disable services accessible from the WAN side, such as port forwarding, DDNS, VPN, DMZ, and port triggering, to “avoid potential unwanted intrusions.”
Of the vulnerabilities listed in ASUS report, at least two are rated at 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS) scale. The first and eldest is CVE-2018-1160, with a bug in Netatalk allowing an out-of-bounds write, which an attacker can leverage to get code execution on the router. The second is CVE-2022-26376, a memory corruption vulnerability that can be triggered with a “specially crafted HTTP request” and yield potential code execution or information leakage.
Of course, those were more generalized vulnerabilities, and there are many others to be concerned about if you have the afflicted router model. For example, CVE-2022-35401 is an authentication bypass vulnerability wherein an attacker could gain full administrative access to an Asus RT-AX82U. Thus, if you have an ASUS router, it is time to take a look to see if yours is up to date. To do so, you can find your router model and click any of the corresponding links below.
|Affected ASUS Routers
At the end of the day, routers are a juicy target for threat actors looking to build up a botnet while minimizing detection. This is exactly what we have seen in the past with the MooBot/Mirai botnet, which turned D-Link routers into botnet slaves late last year. Hopefully, this will not happen with ASUS routers, but update now regardless and protect your devices.