ASUS has fixed three critical vulnerabilities in its RT-AX55, RT-AX56U_V2, and RT-AC86U routers. Devices that have not received the security updates could be taken over by attackers. All three wireless router models are popular with gamers and regular users, according to BleepingComputer, and are still listed on the ASUS website and sold in retail stores.
All three vulnerabilities were rated 9.8 out of 10 under the CVSS v3.1 severity scale, close to the maximum, because of what they allow. They are format string vulnerabilities: a class of bug in which input controlled by the attacker is used as the format argument of a printf-style function. An attacker can exploit them remotely and without authentication to take control of the router; it is enough to send a specially crafted request to the vulnerable device. The three issues are tracked as CVE-2023-39238, CVE-2023-39239, and CVE-2023-39240.
Detailed technical information has not been published, but all three are described as format string vulnerabilities in the ser_iperf3_svr.cgi API module and in the general settings function. Such a bug arises when the device takes a value it received from the user, does not validate it, and passes it to a function that interprets format directives, so the input controls what that function reads from and writes to memory.
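The following C program is an added illustration of the bug class, not ASUS code (the vendor has not published the vulnerable handler). It shows the vulnerable pattern next to the fixed one, and a small helper that counts the format directives in a request parameter, which is useful when filtering requests or triaging captured traffic. The wrapper name log_msg, the function names, and the sample parameters are all assumptions made for the example; the vulnerable function is defined for comparison only and is never called with the samples, because executing it on such input is undefined behaviour.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Thin logging wrapper of the kind found in embedded web servers (hypothetical):
 * whatever is passed as 'fmt' is interpreted by vsnprintf. */
static int log_msg(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

/* VULNERABLE pattern (CWE-134): the request parameter itself becomes the
 * format string. Input such as "%x%x%x" reads stack/register contents, and
 * "%n" writes to memory. Shown only for the shape of the bug; do not call
 * it with untrusted data. */
int log_untrusted_vulnerable(char *out, size_t outlen, const char *param)
{
    return log_msg(out, outlen, param);
}

/* FIXED pattern: a constant format string; the parameter is only ever a
 * "%s" argument, so any '%' it contains is copied literally. */
int log_untrusted_fixed(char *out, size_t outlen, const char *param)
{
    return log_msg(out, outlen, "client param: %s", param);
}

/* Defence-in-depth check for a request filter or for triaging captured
 * requests: count conversion specifications that would consume an argument.
 * "%%" is a literal percent sign and is not counted; a '*' width or
 * precision consumes an extra argument. Returns -1 on a dangling '%'.
 * *has_n is set when the memory-writing "%n" directive is present. */
int count_format_directives(const char *s, int *has_n)
{
    int count = 0;
    if (has_n)
        *has_n = 0;
    for (const char *p = s; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '\0')
            return -1;            /* "abc%" : malformed */
        if (*p == '%')
            continue;             /* "%%" : literal percent sign */
        /* flags, field width, precision, length modifiers */
        while (*p && strchr("-+ #0123456789.*hlLqjzt", *p)) {
            if (*p == '*')
                count++;          /* '*' pulls width/precision from the args */
            p++;
        }
        if (*p == '\0')
            return -1;            /* "%08" : malformed */
        if (*p == 'n' && has_n)
            *has_n = 1;
        count++;                  /* the conversion itself */
    }
    return count;
}

int main(void)
{
    /* Constructed sample request parameters (not captured traffic). */
    const char *samples[] = { "iperf-server-1", "%x%x%x%x", "%08x.%n", "50%% done" };
    char buf[128];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int has_n = 0;
        int n = count_format_directives(samples[i], &has_n);
        log_untrusted_fixed(buf, sizeof buf, samples[i]);
        printf("%-16s directives=%d %%n=%d  logged as: \"%s\"\n",
               samples[i], n, has_n, buf);
    }
    return 0;
}
```

The real fix is the constant format string: once the parameter is only ever a "%s" argument, its percent signs have no meaning. The directive counter is a secondary control; a parameter that legitimately names an iperf server should never contain a conversion specification, so a non-zero count is a reliable signal to reject the request or to flag it in logs.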
ASUS has released patches for all three vulnerabilities. Owners of these devices are advised to install the firmware updates immediately to protect them from attack. The fixed firmware versions are:
- RT-AX55 – firmware version 3.0.0.4.386_51948 or later;
- RT-AX56U_V2 – firmware version 3.0.0.4.386_51948 or later;
- RT-AC86U – firmware version 3.0.0.4.386_51915, which resolves the reported issues.
It is also recommended to disable remote management (the WAN Web Access feature) on these devices, so that the web administration interface, which serves the affected CGI handlers, is reachable only from the local network. This does not fix the bugs, but it removes the most likely path to them from the internet, and it is good practice to leave it disabled even after updating.