Taiwanese company ASUS on Monday released a firmware update to address, among other things, nine security bugs affecting various router models.
Of the nine security flaws, two were rated Critical and six were rated High in severity. One vulnerability is currently awaiting analysis.
The list of affected products is GT6, GT-AXE16000, GT-AX11000 PRO, GT-AXE11000, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT – AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000, and TUF-AX5400.
CVE-2018-1160 concerns a nearly five year old out-of-bounds write bug in versions of Netatalk prior to 3.1.12 that could allow unauthenticated remote attackers to achieve arbitrary code execution.
CVE-2022-26376 has been described as a memory corruption vulnerability in Asuswrt firmware that could be triggered via a specially crafted HTTP request.
The other seven drawbacks are as follows –
- CVE-2022-35401 (CVSS score: 8.1) – An authentication bypass vulnerability that could allow an attacker to send a malicious HTTP request to gain full administrative access to a device.
- CVE-2022-38105 (CVSS score: 7.5) – An information disclosure vulnerability that could be exploited to access sensitive information by sending specially crafted network packets.
- CVE-2022-38393 (CVSS score: 7.5) – A denial-of-service (DoS) vulnerability that could be triggered by sending specially crafted network packets.
- CVE-2022-46871 (CVSS Score: 8.8) – Use of the deprecated libusrsctp library which could open the targeted device to other attacks.
- CVE-2023-28702 (CVSS Score: 8.8) – A command injection flaw that could be exploited by a local attacker to execute arbitrary system commands, interrupt the system, or terminate services.
- CVE-2023-28703 (CVSS Score: 7.2) – A stack-based buffer overflow vulnerability that could be exploited by an attacker with admin privileges to execute arbitrary system commands, interrupt the system, or terminate services.
- CVE-2023-31195 (CVSS Score: N/A) – An enemy in the middle (AitM) flaw that could lead to hijacking of user sessions.
ASUS recommends that users apply the latest updates as soon as possible to reduce security risks. As a workaround, it advises users to disable services that can be accessed from the WAN side to avoid potential unwanted interference.
“This service includes remote access from WAN, port forwarding, DDNS, VPN servers, DMZ, (and) port triggering,” the company said, urging customers to audit their equipment regularly as well as create separate passwords for wireless networks and administration pages. routers.