Pierluigi Paganini
April 18, 2025
ASUS warns of an authentication bypass vulnerability, tracked as CVE-2025-2492 (CVSS v4 score: 9.2), which impacts routers with AiCloud enabled. A remote attacker can trigger the flaw to perform unauthorized execution of functions on the device.
A remote, unauthenticated attacker can exploit the vulnerability by sending a specially crafted request.
“An improper authentication control vulnerability exists in certain ASUS router firmware series. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions.” reads the ASUS Product Security Advisory. “We have released new firmware update for 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, 3.0.0.6_102 series.”
The Taiwanese multinational company recommends users to regularly check their devices and security settings to stay protected. Asus also urges users to update the router’s firmware via the ASUS support page when available. It finally recommends using strong, unique passwords (min. 10 characters, mix of letters, numbers, symbols) for both Wi-Fi and admin pages and avoiding reusing passwords or using easy sequences like 1234567890.
“If you are unable to update the firmware quickly or the router is end-of-life, please ensure that both your login and WiFi passwords are strong. It is recommended to (1) Disable AiCloud (2) disable any services that can be accessed from the internet, such as remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP.” concludes the security advisory.
The company has not disclosed whether it is aware of any attacks in the wild that have exploited this vulnerability.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs –hacking, authentication bypass vulnerability)
Malware / September 09, 2025
