loading
Jump to content
WWW.CSELITES.COM
CSElites known as [www.cselites.com], a virtual world from May 1, 2012, which continues to grow in the gaming world. CSELITES.COM has over 65k members in continuous expansion, coming from different parts of the world.

Community Servers:

ZM.CSELITES.COM Click for more info! connect
TZM.CSELITES.COM Click for more info! connect
DZM.CSELITES.COM Click for more info! connect

[Gadgets] ASUS Issues Critical Firmware Update For 19 Router Models, Update ASAP

Proto

By Proto
in Gadgets

 Share

Recommended Posts

Proto Diamond III

Proto

Posted
Posted

image.jpeg.27e17ca91b5941e7a30fe4e05cd719d2.jpeg

 

Earlier this week, ASUS pushed a firmware update for 19 of the company’s routers which fixed nine different CVEs and enhanced security across the board. While updating your routers, ASUS also recommends that owners disable services accessible from the WAN side, such as port forwarding, DDNS, VPN, DMZ, and port triggering, to “avoid potential unwanted intrusions.”

 

Of the vulnerabilities listed in ASUS report, at least two are rated at 9.8 out of 10 on the Common Vulnerability Scoring System (CVSS) scale. The first and eldest is CVE-2018-1160, with a bug in Netatalk allowing an out-of-bounds write, which an attacker can leverage to get code execution on the router. The second is CVE-2022-26376, a memory corruption vulnerability that can be triggered with a “specially crafted HTTP request” and yield potential code execution or information leakage.

Of course, those were more generalized vulnerabilities, and there are many others to be concerned about if you have the afflicted router model. For example, CVE-2022-35401 is an authentication bypass vulnerability wherein an attacker could gain full administrative access to an Asus RT-AX82U. Thus, if you have an ASUS router, it is time to take a look to see if yours is up to date.

 

With this update, ASUS “strongly encourage[s] you to periodically audit both your equipment and your security procedures, as this will ensure that you will be better protected.” This includes updating your router to the latest firmware as it becomes available, having separate passwords for wireless networks and router administration pages, and enabling ASUS AiProtection, if supported, to help with all this and general network security.

At the end of the day, routers are a juicy target for threat actors looking to build up a botnet while minimizing detection. This is exactly what we have seen in the past with the MooBot/Mirai botnet, which turned D-Link routers into botnet slaves late last year. Hopefully, this will not happen with ASUS routers, but update now regardless and protect your devices.

Source.

 

 

ProToCrisP (1).gif

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.