Asus firmware developers have recently released important security patches for various router models, including GT6, RT-AX86U, and ZenWiFi. The firmware updates aim to address several vulnerabilities, including two critical gaps. These vulnerabilities could potentially be exploited by attackers to execute malicious code and gain control over the devices.
One of the critical vulnerabilities, known as CVE-2022-26376, affects the httpd unescape function. Attackers can leverage this vulnerability through crafted HTTP requests to trigger memory errors and inject malicious code onto the devices. Once compromised, hijacked routers are often used in botnets.
The second critical vulnerability, identified as CVE-2018-1160, targets Netatalk. Attackers can exploit this vulnerability due to insufficient authentication checks, allowing them to execute malicious code without proper authentication. This could result in unauthorized access to sensitive information or device compromise.
Other vulnerabilities identified in the firmware updates are categorized as “high” threat level. Successful exploitation of these vulnerabilities could lead to denial-of-service (DoS) attacks, which could render the devices inoperable. Additionally, attackers could potentially gain access to isolated information.
Asus has provided a warning message detailing the affected devices and the firmware versions that offer protection against these vulnerabilities. Users are strongly advised to update their routers promptly to mitigate the risks. While it is currently unknown if there have been any attacks exploiting these vulnerabilities, it is crucial to prioritize security by applying the latest firmware updates.
To enhance overall security, Asus recommends implementing additional safety measures. This includes using different passwords for the WiFi network and the router admin page to minimize the impact of potential breaches. It is also advisable to configure routers in a way that they cannot be directly accessed through the internet (WAN), reducing the attack surface. Furthermore, Asus recommends disabling services such as DMZ, Telnet, and SSH to further protect against potential attacks.
For more detailed security tips and recommendations, users can refer to a post provided by the manufacturer. By following these guidelines and promptly installing the firmware updates, users can enhance the security of their Asus routers and mitigate the risks associated with the identified vulnerabilities.
