Critical ASUS Router Flaw Attacker Executes Arbitrary Commands

A critical vulnerability has been discovered in several models of ASUS routers. It allows unauthenticated remote attackers to execute arbitrary system commands on the affected devices.

The flaw, identified as CVE-2024-3912, has been assigned a CVSS score of 9.8, indicating its high severity.

EHA

CVE-2024-3912 – Vulnerability Details

According to the Twcert reports, Carlos Köpke from PLASMALABS reported the vulnerability, which is due to an arbitrary firmware upload vulnerability present in various ASUS router models.

By exploiting this flaw, attackers can remotely execute arbitrary commands on the compromised routers without requiring any authentication.

Affected Models

The following ASUS router models are affected by this vulnerability:

  • DSL-N17U
  • DSL-N55U_C1
  • DSL-N55U_D1
  • DSL-N66U
  • DSL-N14U
  • DSL-N14U_B1
  • DSL-N12U_C1
  • DSL-N12U_D1
  • DSL-N16
  • DSL-AC51
  • DSL-AC750
  • DSL-AC52U
  • DSL-AC55U
  • DSL-AC56U

Mitigation and Recommendations

ASUS has released firmware updates to address this critical vulnerability.

Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot

Users are strongly advised to update their affected routers to the following firmware versions:

  • For models DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, and DSL-N66U: Update to version 1.1.2.3_792 or later.
  • For models DSL-N12U_C1, DSL-N12U_D1, DSL-N14U, and DSL-N14U_B1: Update to version 1.1.2.3_807 or later.
  • For models DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL-AC55U, and DSL-AC56U: Update to version 1.1.2.3_999 or later.

Several older models, including DSL-N10_C1, DSL-N10_D1, DSL-N10P_C1, DSL-N12E_C1, DSL-N16P, DSL-N16U, DSL-AC52, and DSL-AC55, are no longer maintained.

Users of these models are advised to replace their routers.

If replacement is not feasible in the short term, it is recommended that remote access (Web access from WAN), virtual server (Port forwarding), DDNS, VPN server, DMZ, and port trigger features be disabled to mitigate the risk of exploitation.

The discovery of this critical vulnerability in ASUS routers highlights the importance of regularly updating the router firmware and replacing end-of-life devices.

Users are urged to take immediate action to protect their networks from potential attacks by applying the necessary firmware updates or replacing affected routers.

ASUS has proactively addressed this issue and provided timely fixes to ensure the security of its customers.

Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free

Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.