Asus and many routers manufacturers offer the possibility to directly connect USB removable media to store and retrieved data within the computer network.
The list of ASUS Routers which implement this feature included the following models:
Is it a vulnerability, or is it a feature implemented to allow the publication of user’s data on an FTP server?
The real problem is that enabling the AiDisk utility the device is configured to share data publicly on Internet, its default configuration gives complete control of the files on the storage.
The colleagues at THN demonstrated how it is possible to use SHODAN search engine to find ASUS routers poorly configured, thousand of Storage Disk using Asus Routers with no password or having default settings.
The access to the data present on the devices is quite easy, use the ftp protocol and the IP address retrieved from Shodan i.e. ftp://ipaddress/.
http://www.shodanhq.com/search?q=+RT-N66U
or
The risky feature was reported to ASUS that intends to release an update, informing users to choose a strong password for device storage and Router Administrative panel.
(Security Affairs – Asus Routers, hacking)
Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included…
CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing…
Cellcom, a regional wireless carrier based in Wisconsin (US), announced that a cyberattack is the…
Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals.…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM, MDaemon Email Server, Srimax Output…
A critical flaw in OpenPGP.js, tracked as CVE-2025-47934, lets attackers spoof message signatures; updates have…
This website uses cookies.
