EVGA

ASUS Issues Router Product Security Advisory

Author
rjohnson11
EVGA Forum Moderator
  • Total Posts : 85038
  • Reward points : 0
  • Joined: 10/5/2004
  • Location: Netherlands
  • Status: offline
  • Ribbons : 86
Sunday, June 25, 2023 9:33 AM (permalink)
https://www.techpowerup.com/310478/asus-issues-router-product-security-advisory
 
If you own one of several recent ASUS router models, then you're being urged by ASUS to upgrade your firmware to the latest release as soon as possible, due to a few serious security flaws. The two most severe being CVE-2022-26376 and CVE-2018-1160, both of which are rated 9.8 on a scale of 10 in terms of severity. However, if you're running the third party Asuswrt-Merlin firmware, you're apparently safe, as the author of the third party firmware has already patched all the known security issues that ASUS has announced patches for.

The affected models are the GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000, and TUF-AX5400. That's 18 different models in total, all of which should be built around Broadcom hardware. It's unclear if more models are affected or not, but these are the ones ASUS has issued updates for. The security flaws in question could allow someone to take over an unpatched router and make it a part of a botnet or similar. ASUS has suggested turning off features like DDNS and VPN servers, as well as more obvious things like WAN access, port forwarding, port triggers and DMZ until the firmware has been updated on the affected models.
 
Very important that if you have any of the models listed update your firmware at once. 

AMD Ryzen 9 7950X,  Corsair Mp700 Pro M.2, 64GB Corsair Dominator Titanium DDR5  X670E Steel Legend, MSI RTX 4090 Associate Code: H5U80QBH6BH0AXF. I am NOT an employee of EVGA

#1

1 Reply Related Threads

    Hoggle
    EVGA Forum Moderator
    • Total Posts : 8899
    • Reward points : 0
    • Joined: 10/14/2003
    • Location: Eugene, OR
    • Status: offline
    • Ribbons : 4
    Re: ASUS Issues Router Product Security Advisory Sunday, June 25, 2023 9:54 AM (permalink)
    It would be nice if things like routers had an automatic check for security and firmware updates. I wonder how many people never check to see if they have the latest firmware and just are unknowingly helping a bot network.

    Use an Associates Code & SAVE 5% - 10% on your purchase. Just click on the associates banner to save, or enter the associates code at checkout on your next purchase. If you choose to use my code I want to personally say "Thank You" for using it. 
     
     
    #2
    Jump to: