National Cyber Warfare Foundation (NCWF) Forums


ASUS fixed critical remote authentication bypass bug in several routers
0 user ratings		2024-06-16 08:30:12
milo
Blue Team (CND) , Red Team (CNA)
 - archive -- 
Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. The flaw is an authentication bypass issue that a remote attacker can exploit to log into the device without authentication. The flaw impacts […


Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models.





ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models.





The flaw is an authentication bypass issue that a remote attacker can exploit to log into the device without authentication.





The flaw impacts the following models:






  • ZenWiFi XT8 3.0.0.4.388_24609 (inclusive) previous versions




  • ZenWiFi Version RT-AX57 3.0.0.4.386_52294 (inclusive) previous version




  • ZenWiFi Version RT-AC86U 3.0.0.4.386_51915 (inclusive) previous version




  • ZenWiFi Version RT-AC68U 3.0.0.4.386_51668 (inclusive) previous version





The company released the following firmware update to address the issue:






  • Update ZenWiFi XT8 to 3.0.0.4.388_24621 (inclusive) and later versions




  • Update ZenWiFi XT8 V2 to 3.0.0.4.388_24621 (inclusive) and later versions




  • Update RT-AX88U to 3.0.0.4.388_24209 (inclusive) and later versions




  • Update RT-AX58U to 3.0 .0.4.388_24762 (inclusive) and later versions




  • update RT-AX57 to 3.0.0.4.386_52303 (inclusive) and later versions




  • update RT-AC86U to 3.0.0.4.386_51925 (inclusive) and later versions




  • update RT-AC68U to 3.0.0.4.386_51685 ( (including) later versions





The vendor also addressed a critical upload arbitrary firmware flaw, tracked as CVE-2024-3912 (CVSS score 9.8) impacting multiple devices. An unauthenticated, remote attacker can exploit the flaw to execute system commands on the vulnerable device.





Carlos Köpke from PLASMALABS discovered the flaw. Impacted products are: DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, DSL-N66U, DSL-N14U, DSL-N14U_B1, DSL-N12U_C1, DSL-N12U_D1, DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL- AC55U, DSL-AC56U.





Some impacted models will not receive the firmware updates because they have reached the end-of-life (EoL).





The following versions address the flaw:






  • Update the following models to 1.1.2.3_792 (inclusive) and later versions:
    DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, DSL-N66U




  • Update the following models to 1.1.2.3_807 (inclusive) and later versions:
    DSL-N12U_C1, DSL -N12U_D1, DSL-N14U, DSL-N14U_B1




  • Update the following models to 1.1.2.3_999 (inclusive) and later versions:
    DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL-AC55U, DSL-AC56U




  • and following models No longer maintained, it is recommended to replace
    DSL-N10_C1, DSL-N10_D1, DSL-N10P_C1, DSL-N12E_C1, ,DSL-N16P, DSL-N16U, DSL-AC52, DSL-AC55.
    If it cannot be replaced in the short term, it is recommended to close it. Remote access (Web access from WAN), virtual server (Port forwarding), DDNS, VPN server, DMZ, port trigger





Follow me on Twitter: @securityaffairs and Facebook and Mastodon





Pierluigi Paganini





(SecurityAffairs – hacking, routers)







Source: SecurityAffairs
Source Link: https://securityaffairs.com/164549/security/asus-router-models-critical-rce.html

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)
Red Team (CNA)


Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.