Skip to main content

Command Palette

Search for a command to run...

ASUS warns of critical auth bypass flaw in DSL series routers

Published
2 min readView as Markdown
ASUS warns of critical auth bypass flaw in DSL series routers

ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models.

Tracked as , this vulnerability allows remote, unauthenticated attackers to log into unpatched devices exposed online in low-complexity attacks that don't require user interaction.

ASUS has released firmware version 1.1.2.3_1010 to address this vulnerability for DSL-AC51, DSL-N16, and DSL-AC750 router models.

"An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system," .

"ASUS recommends update to the latest firmware to ensure your device remains protected. Download and install the latest firmware version 1.1.2.3_1010 for your device from the ASUS support page or your product page at ASUS Networking."

While the Taiwanese electronics manufacturer only mentions three affected router models, it also provides mitigation measures for users who can't or have end-of-life models that will not receive firmware updates.

To block potential attacks without patching the routers, users are advised to disable any services accessible from the Internet, including remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP.

ASUS also recommends taking additional measures to secure routers and reduce the attack surface, including using complex passwords for the router administration page and wireless networks, regularly checking for security updates and new firmware, and avoiding the reuse of credentials.

While there are no reports of active exploitation, it is strongly recommended to install the latest firmware as soon as possible, as attackers commonly target router flaws to infect devices with botnet malware, which they then use in DDoS attacks.

For instance, in June, CISA two older security flaws impacting ASUS RT-AX55 (CVE-2023-39780) and ASUS GT-AC2900 (CVE-2021-32030) routers to its catalog of actively exploited vulnerabilities.

As cybersecurity company GreyNoise and French cybersecurity firm Sekoia revealed at the time, "a well-resourced and highly capable adversary" tracked as used CVE-2023-39780 and CVE-2021-32030 to in attacks aimed at building a new botnet, tracked as .

In April, ASUS vulnerability () in a wide range of router models with the AiCloud service enabled.

Whether you're cleaning up old keys or setting guardrails for AI-generated code, this guide helps your team build securely from the start.

Get the cheat sheet and take the guesswork out of secrets management.


More from this blog

F

FPT Metrodata Indonesia Cyber Security

683 posts

FPT Metrodata Indonesia (FMI) provides news, analysis & guides on cybersecurity and threat intelligence for Indonesia & Vietnam. Visit https://news.fmisec.com. FMI: https://fmisec.com