ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

June 17, 2024 at 11:00AM

ASUS has released software updates to address critical security flaws in its routers, including an authentication bypass vulnerability (CVE-2024-3080) with a high CVSS score of 9.8 and a buffer overflow flaw (CVE-2024-3079). These vulnerabilities could allow remote attackers to execute arbitrary commands on specific router models. Users are advised to update their routers to the latest versions for security.

Meeting Notes Summary:
– ASUS has released software updates to address critical security vulnerabilities in its routers that could be exploited by remote attackers.
– The vulnerabilities include an authentication bypass flaw (CVE-2024-3080) and a buffer overflow flaw (CVE-2024-3079), with respective CVSS scores of 9.8 and 7.2.
– These flaws could potentially allow unauthenticated remote attackers to log into the device and execute arbitrary commands.
– Affected router models include ZenWiFi XT8, RT-AX88U, RT-AX58U, RT-AX57, RT-AC86U, and RT-AC68U.
– Earlier in January, ASUS also addressed a critical vulnerability (CVE-2024-3912) allowing unauthenticated remote attackers to upload arbitrary files and execute system commands.
– Users are advised to update their routers to the latest version to mitigate these security risks.

Full Article