Router: Asus advises to install security patches quickly
Asus has released security patches for several of its router models, including the GT6, RT-AX86U, and ZenWiFi. These patches address two critical vulnerabilities that could allow attackers to execute malicious code on the affected routers. Users of these routers are advised to update their firmware as soon as possible to protect themselves from these vulnerabilities.
Vulnerabilities
CVE-2022-2637
(risk: “critical”)-
CVE-2018-1160
(risk: “critical”) - The remaining vulnerabilities are rated with the threat level “high”
Safety tips
Asus recommends that users update their routers as soon as possible. It is not known if there have been any attacks yet, but it is better to be safe than sorry. Users should also assign different passwords for their WLAN and router admin page. Additionally, routers should not be directly accessible via the Internet (WAN). This will reduce the attack surface. Finally, the manufacturer recommends disabling the DMZ, Telnet, and SSH services. More security tips can be found in an article.
Malicious code attacks possible
A critical vulnerability (CVE-2022-26376) affects the httpd-unescape function. Attackers can use crafted HTTP requests to trigger memory errors. Malicious code usually gets onto devices via this and attackers can take full control. In such a position, hijacked routers are often incorporated into botnets.
The second critical vulnerability (CVE-2018-1160) affects Netatalk. Due to insufficient checks, attackers should be able to execute malicious code without authentication. The remaining vulnerabilities are rated with a threat level of “high”. If attackers successfully exploit the gaps, they could paralyze devices via DoS attacks, among other things, or access information that is actually sealed off.
In a warning message, Asus lists the affected devices as well as the secured firmware versions.
- GT6
- GT-AXE16000
- GT-AX11000 PRO
- GT-AX6000
- GT-AX11000
- GS-AX5400
- GS-AX3000
- XT9
- XT8
- XT8 V2
- RT-AX86U PRO
- RT-AX86U
- RT-AX86S
- RT-AX82U
- RT-AX58U
- RT-AX3000
- TUF-AX6000
- TUF-AX5400
Resources
- Heise.de Blog Post
- BleepingComputer Blog Post
- TheHackerNews Blog Post
- Asus.com security advisory
- CVE-2022-26376
- CVE-2018-1160
Contact & Information
Do you have suggestions for improvement or would you like to have an article translated / created? Please contact me!