ASUS has disclosed a crucial security flaw impacting routers with enabled that could enable remote attackers to perform unauthorized execution of functions on vulnerable devices.
The risk, tracked as , has a CVSS report of 9. 2 out of a maximum of 10. 0.
” An improper identification power vulnerability exists in certain ASUS modem firmware series,” ASUS in an expert. ” This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions. “
The flaw has been addressed with router updates for the following trees-
- 3.0.0.4_382
- 3.0.0.4_386
- 3. 0. 0. 4_388, and
- 3.0.0.6_102
For maximum protection, it’s recommended to update their cases to the latest version of the device.
” Use different passwords for your wireless network and router leadership page,” ASUS said. ” Use passwords that have at least 10 figures, with a mix of capital letters, numbers, and characters. “
” Do not use the same login for more than one system or service. Do not use passwords with subsequent numbers or letters, such as 1234567890, abcdefghij, or qwertyuiop. “
If immediate patching is not an option or the routers have reached end-of-life ( EoL ), it’s advised to make sure that login and Wi-Fi passwords are strong.
Another option is to delete AiCloud and any assistance that can be accessed from the internet, such as remote access from WAN, port mailing, DDNS, VPN site, DMZ, port triggering, and FTP.