Critical Security Flaws in ASUS Routers Enable Remote Command Execution: Immediate Action Required

ASUS has warned of critical vulnerabilities in several router models that allow remote command execution. Affecting firmware versions 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102, these flaws pose significant risks to network security. Users are urged to update firmware, set strong passwords, and follow security recommendations to protect their devices.

  Vulnerability Alerts   Jan 4, 2025  Add to Reading List
Critical Security Flaws in ASUS Routers Enable Remote Command Execution: Immediate Action Required

ASUS Routers Affected by Critical Vulnerabilities Allowing Remote Command Execution

ASUS has recently issued a critical security advisory concerning severe vulnerabilities discovered in several of its router models. These vulnerabilities, tracked as CVE-2024-12912 and CVE-2024-13062, affect certain firmware versions and could allow attackers to execute arbitrary commands remotely, compromising the security of the affected devices. The vulnerabilities are primarily associated with the AiCloud feature in ASUS routers, a cloud-based service that enables users to access their routers remotely.

The vulnerabilities were found in routers running firmware versions 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102. If left unpatched, these flaws could allow attackers with authenticated access to the device to execute harmful commands remotely, leading to potential unauthorized control over the router. This poses a significant risk, especially for home or small business networks that rely on the affected models.

Details of the Vulnerabilities:

  1. CVE-2024-12912: This vulnerability arises from a lack of proper input validation in the AiCloud service. This flaw allows attackers to inject arbitrary commands into the system, enabling them to remotely execute unauthorized actions.

  2. CVE-2024-13062: The second vulnerability involves improper sanitization of inputs, which creates an entry point for attackers to execute arbitrary commands. This flaw similarly poses a serious threat to router security.

Both vulnerabilities have been assigned a high severity rating of 7.2 on the Common Vulnerability Scoring System (CVSS), signaling a significant risk to affected devices.

ASUS Recommendations and Mitigation Steps:

To mitigate the risk posed by these vulnerabilities, ASUS has recommended several immediate actions:

  • Firmware Updates: ASUS has released updates to address these vulnerabilities. Users are strongly urged to update their routers to the latest firmware versions, specifically 3.0.0.4_386, 3.0.0.4_388, or 3.0.0.6_102, depending on their router model. These updates contain patches that fix the flaws and protect the device from exploitation.

  • Password Strength: ASUS advises users to ensure that both their router administration and Wi-Fi passwords are strong and unique. Passwords should be at least 10 characters long and should include a mix of uppercase and lowercase letters, numbers, and symbols. Avoid using simple, sequential passwords such as "1234567890" or "abcdefg."

  • AiCloud Protection: To further safeguard their devices, users should enable password protection within the AiCloud service. This ensures that only authorized users can access the router remotely.

  • Disabling Unused Services: If users are unable to immediately update their firmware or have routers that are no longer supported, ASUS suggests disabling external-facing services such as remote access, port forwarding, DDNS, VPN server, DMZ, and FTP. Disabling these features will help reduce the attack surface for potential attackers.

  • Regular Security Practices: It is essential for users to regularly check for firmware updates and adjust security settings. ASUS emphasizes that keeping firmware up to date and following best security practices is the most effective way to avoid security vulnerabilities.

Impact and Importance of Updates:

These vulnerabilities highlight an ongoing issue in router security, especially with cloud-enabled features like AiCloud. As more homes and businesses rely on IoT devices and networked systems, keeping routers and other network devices updated has become increasingly critical in the face of growing cyber threats. Users are urged to remain vigilant and proactive about securing their networks against potential exploits, which could lead to unauthorized access, data breaches, or compromised network integrity.

ASUS continues to encourage users to report any security concerns through its dedicated vulnerability disclosure page, ensuring that these issues are addressed promptly and effectively.

Tags