ASUS Issues Critical Firmware Update For 19 Router Models, Update ASAP
Of the vulnerabilities listed in ASUS report, at least two are rated at 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS) scale. The first and eldest is CVE-2018-1160, with a bug in Netatalk allowing an out-of-bounds write, which an attacker can leverage to get code execution on the router. The second is CVE-2022-26376, a memory corruption vulnerability that can be triggered with a “specially crafted HTTP request” and yield potential code execution or information leakage.
Of course, those were more generalized vulnerabilities, and there are many others to be concerned about if you have the afflicted router model. For example, CVE-2022-35401 is an authentication bypass vulnerability wherein an attacker could gain full administrative access to an Asus RT-AX82U. Thus, if you have an ASUS router, it is time to take a look to see if yours is up to date. To do so, you can find your router model and click any of the corresponding links below.
Affected ASUS Routers | ||||
GT6 |
GT-AXE16000
|
GT-AXE11000 PRO | GT-AXE11000 | GT-AX6000 |
GT-AX11000 | GS-AX5400 | GS-AX3000 | ZenWiFi XT9 | ZenWiFi XT8 |
ZenWiFi XT8_V2 | RT-AX86U PRO | RT-AX86U | RT-AX86S | RT-AX82U |
RT-AX58U | RT-AX3000 | TUF-AX6000 | TUF-AX5400 |
At the end of the day, routers are a juicy target for threat actors looking to build up a botnet while minimizing detection. This is exactly what we have seen in the past with the MooBot/Mirai botnet, which turned D-Link routers into botnet slaves late last year. Hopefully, this will not happen with ASUS routers, but update now regardless and protect your devices.