ASUS routers vulnerable to critical remote code execution flaws

[Mike A.]

Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices if security updates are not installed.
These three WiFi routers are popular high-end models within the consumer networking market, currently available on the ASUS website, favored by gamers and users with demanding performance needs.
The flaws, which all have a CVSS v3.1 score of 9.8 out of 10.0, are format string vulnerabilities that can be exploited remotely and without authentication, potentially allowing remote code execution, service interruptions, and performing arbitrary operations on the device.

ASUS routers vulnerable to critical remote code execution flaws

Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices if security updates are not installed.

www.bleepingcomputer.com

 

[jec6613]

Reading the vulnerability and exploit POC, this attack needs to come in via the web interface of the router. That makes it looks less critical than it is though, because it can be chained from malicious HTML from any website you may visit.

It'll probably be within the next week when we see actual exploits in the wild, anybody with an Asus router should schedule downtime and patch ASAP.

 

[CCTVCam]

Thanks, Ill take a look at mine. Not too worried though because being a pure router, it's sat behind a modem firewall as well. So 3 firewalls, modem, router and windows. I'm guessing a few may be in that situation. That said, the more secure the better.

Edit: On checking mine's an 82U so not impacted but I upgraded anyway as some other security fixes.