ASUS fixed critical remote authentication bypass bug in several routers
Taiwanese manufacturer ASUS has addressed a critical remote authentication bypass vulnerability impacting several router models.
The flaw, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), affects seven router models.
A remote attacker can exploit the issue to log into a vulnerable device without valid credentials.
The flaw impacts the following models and firmware versions:
- ZenWiFi XT8: firmware 3.0.0.4.388_24609 and earlier
- RT-AX57: firmware 3.0.0.4.386_52294 and earlier
- RT-AC86U: firmware 3.0.0.4.386_51915 and earlier
- RT-AC68U: firmware 3.0.0.4.386_51668 and earlier
The company released the following firmware updates to address the issue:
- Update ZenWiFi XT8 to 3.0.0.4.388_24621 or later
- Update ZenWiFi XT8 V2 to 3.0.0.4.388_24621 or later
- Update RT-AX88U to 3.0.0.4.388_24209 or later
- Update RT-AX58U to 3.0.0.4.388_24762 or later
- Update RT-AX57 to 3.0.0.4.386_52303 or later
- Update RT-AC86U to 3.0.0.4.386_51925 or later
- Update RT-AC68U to 3.0.0.4.386_51685 or later
The vendor also addressed a critical arbitrary firmware upload flaw, tracked as CVE-2024-3912 (CVSS score: 9.8), impacting multiple DSL devices. An unauthenticated, remote attacker can exploit the flaw to execute system commands on the vulnerable device.
Carlos Köpke from PLASMALABS discovered the flaw. Impacted products are: DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, DSL-N66U, DSL-N14U, DSL-N14U_B1, DSL-N12U_C1, DSL-N12U_D1, DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL-AC55U, DSL-AC56U.
Some impacted models will not receive firmware updates because they have reached end of life (EoL).
The following versions address the flaw:
- Update the following models to 1.1.2.3_792 or later:
DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, DSL-N66U
- Update the following models to 1.1.2.3_807 or later:
DSL-N12U_C1, DSL-N12U_D1, DSL-N14U, DSL-N14U_B1
- Update the following models to 1.1.2.3_999 or later:
DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL-AC55U, DSL-AC56U
- The following models are no longer maintained, and ASUS recommends replacing them:
DSL-N10_C1, DSL-N10_D1, DSL-N10P_C1, DSL-N12E_C1, DSL-N16P, DSL-N16U, DSL-AC52, DSL-AC55
If a device cannot be replaced in the short term, ASUS recommends disabling the services exposed to the WAN: remote access (web access from WAN), virtual server (port forwarding), DDNS, VPN server, DMZ and port triggering.
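As an added example (not from the article, and not ASUS code), the following Python script encodes the fixed-version tables from the two advisories above and checks an inventory of routers against them, so an administrator can see which devices are still unpatched, which are end-of-life and must be replaced, and which are outside the advisories. The model names and version strings are the ones quoted above; the inventory at the bottom is constructed sample data. It assumes each router reports its firmware in the same `3.0.0.4.388_24621` / `1.1.2.3_792` form the advisories use.

```python
import re
from typing import Dict, List, Optional, Tuple

# Minimum fixed firmware per model, transcribed from the ASUS advisories quoted above.
FIXED_CVE_2024_3080: Dict[str, str] = {
    "ZenWiFi XT8": "3.0.0.4.388_24621",
    "ZenWiFi XT8 V2": "3.0.0.4.388_24621",
    "RT-AX88U": "3.0.0.4.388_24209",
    "RT-AX58U": "3.0.0.4.388_24762",
    "RT-AX57": "3.0.0.4.386_52303",
    "RT-AC86U": "3.0.0.4.386_51925",
    "RT-AC68U": "3.0.0.4.386_51685",
}

FIXED_CVE_2024_3912: Dict[str, str] = {
    **dict.fromkeys(["DSL-N17U", "DSL-N55U_C1", "DSL-N55U_D1", "DSL-N66U"], "1.1.2.3_792"),
    **dict.fromkeys(["DSL-N12U_C1", "DSL-N12U_D1", "DSL-N14U", "DSL-N14U_B1"], "1.1.2.3_807"),
    **dict.fromkeys(["DSL-N16", "DSL-AC51", "DSL-AC750", "DSL-AC52U", "DSL-AC55U", "DSL-AC56U"],
                    "1.1.2.3_999"),
}

# End-of-life models: no fix will ship; the advisory says to replace them.
EOL_CVE_2024_3912 = {
    "DSL-N10_C1", "DSL-N10_D1", "DSL-N10P_C1", "DSL-N12E_C1",
    "DSL-N16P", "DSL-N16U", "DSL-AC52", "DSL-AC55",
}

# ASUS firmware versions look like "3.0.0.4.388_24621": dotted release, underscore, build number.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)_(\d+)$")


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '3.0.0.4.388_24621' into (3, 0, 0, 4, 388, 24621) so it compares numerically.

    A plain string comparison is wrong for these builds: '1.1.2.3_1000' < '1.1.2.3_999' as text.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised ASUS firmware version: {version!r}")
    dotted, build = m.groups()
    return tuple(int(part) for part in dotted.split(".")) + (int(build),)


def assess(model: str, version: Optional[str]) -> Tuple[Optional[str], str]:
    """Return (cve, status) for one device.

    status is 'patched', 'vulnerable', 'eol' (no fix; replace the device) or 'unknown'
    (model absent from both advisories, or no version reported).
    """
    model = model.strip()
    if model in EOL_CVE_2024_3912:
        return "CVE-2024-3912", "eol"
    for cve, table in (("CVE-2024-3080", FIXED_CVE_2024_3080),
                       ("CVE-2024-3912", FIXED_CVE_2024_3912)):
        if model in table:
            if not version:
                return cve, "unknown"
            # Versions are only compared within one model, hence within one firmware branch
            # (386 or 388), where the tuple ordering is meaningful.
            fixed = parse_version(table[model])
            return cve, ("patched" if parse_version(version) >= fixed else "vulnerable")
    return None, "unknown"


def audit(inventory: List[Tuple[str, Optional[str]]]) -> Dict[str, List[str]]:
    """Group an inventory of (model, version) pairs by status."""
    report: Dict[str, List[str]] = {"patched": [], "vulnerable": [], "eol": [], "unknown": []}
    for model, version in inventory:
        cve, status = assess(model, version)
        label = f"{model} {version or '(no version)'}" + (f" [{cve}]" if cve else "")
        report[status].append(label)
    return report


# Constructed sample inventory; these are not real devices.
SAMPLE_INVENTORY: List[Tuple[str, Optional[str]]] = [
    ("RT-AC68U", "3.0.0.4.386_51668"),   # last vulnerable build named in the advisory
    ("RT-AC68U", "3.0.0.4.386_51685"),   # first fixed build
    ("ZenWiFi XT8", "3.0.0.4.388_24609"),
    ("DSL-N16", "1.1.2.3_1000"),         # newer than the fix; a string compare would flag it
    ("DSL-AC55", "1.1.2.3_500"),         # EoL: no update coming
    ("RT-AX86U", "3.0.0.4.388_24621"),   # not in either advisory
]

if __name__ == "__main__":
    for status, devices in audit(SAMPLE_INVENTORY).items():
        print(f"{status}:")
        for device in devices:
            print(f"  {device}")
```

The one design point worth noting is `parse_version`: the build number after the underscore must be compared as an integer, since the next DSL build after `1.1.2.3_999` would sort below it as a string and be reported as vulnerable. Devices that report as `eol` should be treated as permanently exposed and either replaced or stripped of every WAN-facing service listed above.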
Pierluigi Paganini
(SecurityAffairs – hacking, routers)