Taiwanese computer hardware manufacturer Asus on Monday shipped urgent firmware updates to address vulnerabilities in its WiFi router product lines and warned users of the risk of remote code execution attacks.
In an advisory, Asus documented at least nine security defects and multiple security weaknesses that allow code execution, denial-of-service, information disclosure and authentication bypasses.
The most serious of the nine vulnerabilities, a highly critical bug with a CVSS severity rating of 9.8/10, dates back to 2018 and exposes routers to code execution attacks.
The vulnerability, tagged as CVE-2018-1160, is a memory corruption issue in Netatalk before 3.1.12. “This is due to lack of bounds checking on attacker-controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution,” according to the advisory.
The Asus firmware update also patches CVE-2022-26376 (CVSS 9.8/10), a memory corruption vulnerability in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.
“A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability,” Asus confirmed.
The company, which has struggled with security problems in the past, listed the affected WiFi routers as Asus GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000 and TUF-AX5400.
“If you choose not to install this new firmware version, we strongly recommend disabling services accessible from the WAN side to avoid potential unwanted intrusions. These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger,” the company cautioned.
Asus is also strongly recommending that its users “periodically audit both your equipment and your security procedures” to stave off a wave of malware attacks targeting router infrastructure.
“Update your router to the latest firmware. We strongly recommend that you do so as soon as new firmware is released,” the company said, adding that users should set up up separate passwords wireless network and router-administration pages
Related: Supply-Chain Attack Used to Install Backdoors on ASUS Computers
Related: Severe Vulnerabilities Allow Hacking of Asus Gaming Router
Related: Chinese UEFI Rootkit Found on Gigabyte and Asus Motherboards
Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.
More from Ryan Naraine
- New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware
- CrowdStrike to Acquire Application Intelligence Startup Bionic
- HiddenLayer Raises Hefty $50M Round for AI Security Tech
- Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages
- Extradited Russian Hacker Behind ‘NLBrute’ Malware Pleads Guilty
- Caesars Confirms Ransomware Hack, Stolen Loyalty Program Database
- AuthMind Scores $8.5M Seed Funding for ITDR Tech
- Zero-Day Summer: Microsoft Warns of Fresh New Software Exploits
Latest News
- Microsoft Adding New Security Features to Windows 11
- UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor
- Sony Investigating After Hackers Offer to Sell Stolen Data
- The CISO Carousel and its Effect on Enterprise Cybersecurity
- Xenomorph Android Banking Trojan Targeting Users in US, Canada
- $200 Million in Cryptocurrency Stolen in Mixin Network Hack
- Stealthy APT Gelsemium Seen Targeting Southeast Asian Government
- Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role
