RT-AXE7800 - AiCloud 2.0 Smart Access issue

[pete99]

I am trying to get AiCloud 2.0 Smart Connect working. On the remote computer I now see the computers on the RT-AXE7800's internal network that I can connect to via the ***.asuscomm.com url.

When I click on the computer I want to connect to I see a popup window titled "Login - /DEV9". This is my Windows 11 Professional 64 bit computer.

However, when I enter my normal windows (local account) username and password and click OK it submits but then just returns to the "Login - /DEV9" popup. Which happens again and again.

Any suggestions for making Smart Access work? I have already factory reset the router and set it up from scratch again, in the process of which the firmware update check happened automatically. (I'm on 3.0.0.4.388_25144).

Many thanks!

 

[bennor]

You may want to rethink enabling the AiCloud feature. It has been identified the source for recent malware intrusions that have caused issues on some routers due to security vulnerabilities.

Malware damaging ASUS routers?

This malware damaging Asus routers has to be described in a sticky thread with a warning sign! Update: Asus is releasing patched firmware for multiple models. Check for firmware updates! The changelog for most firmware releases contains the following: 1. Strengthened input validation and data...

www.snbforums.com

04/18/2025 ASUS Router AiCloud vulnerability

Asus posted a entry on their Product Security Advisory page today (the 18th) about Asus Router AiCloud vulnerability. Asus is recommending one update the firmware to the version released after February 2025. https://www.asus.com/content/asus-product-security-advisory/ 04/18/2025 ASUS Router...

www.snbforums.com

News - ASUS Product Security Advisory - ASUS Router AiCloud vulnerability (01/02/2025)

Asus posted a Product Security Advisory on Jan 2, 2025 for Asus router AiCloud vulnerability. https://www.asus.com/content/asus-product-security-advisory/ 01/02/2025 ASUS Router AiCloud vulnerability Injection and execution vulnerabilities in certain ASUS router firmware series that allow...

www.snbforums.com

At the minimum you should ensure your router is updated to firmware later than this past February as indicated by Asus. Or better, make sure the AiCloud is disabled and use the VPN Server option of the firmware instead which would allow remote access using VPN Client software/application(s).

 

[pete99]

You may want to rethink enabling the AiCloud feature. It has been identified the source for recent malware intrusions that have caused issues on some routers due to security vulnerabilities.

Malware damaging ASUS routers?

This malware damaging Asus routers has to be described in a sticky thread with a warning sign! Update: Asus is releasing patched firmware for multiple models. Check for firmware updates! The changelog for most firmware releases contains the following: 1. Strengthened input validation and data...

www.snbforums.com

04/18/2025 ASUS Router AiCloud vulnerability

Asus posted a entry on their Product Security Advisory page today (the 18th) about Asus Router AiCloud vulnerability. Asus is recommending one update the firmware to the version released after February 2025. https://www.asus.com/content/asus-product-security-advisory/ 04/18/2025 ASUS Router...

www.snbforums.com

News - ASUS Product Security Advisory - ASUS Router AiCloud vulnerability (01/02/2025)

Asus posted a Product Security Advisory on Jan 2, 2025 for Asus router AiCloud vulnerability. https://www.asus.com/content/asus-product-security-advisory/ 01/02/2025 ASUS Router AiCloud vulnerability Injection and execution vulnerabilities in certain ASUS router firmware series that allow...

www.snbforums.com

At the minimum you should ensure your router is updated to firmware later than this past February as indicated by Asus. Or better, make sure the AiCloud is disabled and use the VPN Server option of the firmware instead which would allow remote access using VPN Client software/application(s).

Many thanks for your reply! I have just disabled AiCloud - good advice. I'll check out the VPN option. A shame though, as Ai Cloud Smart Access looks like it is quite easy to set up!

 

[degrub]

you also have to de-authorize the service.

Same for AiProtection and any of the other remote ASUS services.
Set your WAN to drop all unsolicited packets as well.

 

[pete99]

you also have to de-authorize the service.

Same for AiProtection and any of the other remote ASUS services.
Set your WAN to drop all unsolicited packets as well.

So AiProtection is compromised too? That's one of the reasons I went Asus rather than Tp-Link!

Sorry for the newbie question, but how do I "de-authorize the service"? Ditto "drop all unsolicited packets" I don't see settings like these in the web gui.

 

[degrub]

i think those threads and the ASUS support pages document exactly what was impacted. There are many other threads here about the issue. just search and read ASUS malware. Simplest practice is to disable remote access of any kind into the router. Then re-enable and accept license terms for those that you have to have that do not have malware issues.

 

[bennor]

So AiProtection is compromised too? That's one of the reasons I went Asus rather than Tp-Link!

Sorry for the newbie question, but how do I "de-authorize the service"? Ditto "drop all unsolicited packets" I don't see settings like these in the web gui.

There are certain Asus router features that, when enabled, will display a notice page asking you to agree to the TrendMicro or Asus EULA. One may or may not need to agree to such notices/EULA when they enable AiCloud. One can access the router's Administration > Privacy (or Policy) page to see if there are any Withdraw buttons active. If there are, one can Withdraw from the specified service. Generally how it works is when you disable something like AiProtection you need to go in and select the Withdraw button for it to fully stop using that feature. Otherwise the firmware may keep certain elements of that feature running behind the scenes.

 

[pete99]

There are certain Asus router features that, when enabled, will display a notice page asking you to agree to the TrendMicro or Asus EULA. One may or may not need to agree to such notices/EULA when they enable AiCloud. One can access the router's Administration > Privacy (or Policy) page to see if there are any Withdraw buttons active. If there are, one can Withdraw from the specified service. Generally how it works is when you disable something like AiProtection you need to go in and select the Withdraw button for it to fully stop using that feature. Otherwise the firmware may keep certain elements of that feature running behind the scenes.

Thank you for explaining it so clearly. We are not all part of the furniture here.

On a general note, it's disappointing to splash a fair amount of money on a new router, specifically for things like AiProtection, to then find they appear to do the reverse of intended!

I've now read some of the threads referenced and am uncertain whether the vulnerabilities described are fully addressed with Asus latest firmware for my router (RT-AXE7800). I guess no one really knows?

I understand that any incoming connection to the router is a risk, but with latest firmware are we (back to) managed risk?

I would like to 'benefit' from AiProtection. I can toggle port forwarding for the very limited time I need the functionality.

Does that make any sense? (Otherwise I might as well get a refund on RT-AXE7800 and go back to my ISP's router [Plusnet Hub 2]).

Thanks for your patience.

 

[ColinTaylor]

you also have to de-authorize the service.

Same for AiProtection and any of the other remote ASUS services.
Set your WAN to drop all unsolicited packets as well.

What? How is any of that related to his question about AiCloud 2.0?

 

[degrub]

Just attempting to get him back to a clean slate short of hard factory reset. Then add back.

 

[ColinTaylor]

Just attempting to get him back to a clean slate short of hard factory reset. Then add back.

The way you wrote it implied he needed to disable AiProtection for security reasons (as per his response) as well as all the other Asus services. None of that is necessary.

He also doesn't need to make any changes to his firewall as it already drops all unsolicited packets by default.

 

[bennor]

On a general note, it's disappointing to splash a fair amount of money on a new router, specifically for things like AiProtection, to then find they appear to do the reverse of intended!

I've now read some of the threads referenced and am uncertain whether the vulnerabilities described are fully addressed with Asus latest firmware for my router (RT-AXE7800). I guess no one really knows?

AiProtection and AiCloud are separate features of the Asus router. See the following FAQ on the AiProtection feature which has more information on that specific feature:

[AiProtection] How to set Network Protection in ASUS Router ? | Official Support | ASUS Global

Many use AiProtection (TrendMicro) without issue. There are those however who have certain performance issues and find disabling AiProtection, and selecting it's Withdraw button on the Administration > Privacy page helps with their performance issue(s).

AiCloud has been the attack vector more than once and Asus has repeatedly had to patch the feature. Not everyone trusts AiCloud even with the latest Asus firmware updates that are supposed to patch the latest discovered vulnerabilities in AiCloud. For remote access to either a USB drive attached to the router, or to local network devices connected to the router, one can use the router's VPN server feature instead. The Asus router includes a VPN server feature (OpenVPN and on certain models WireGuard). Enabling and disabling the VPN server is as simple as a few (two or three) clicks in the router GUI.

[Wireless Router] Unlock the Power of the VPN with ASUS router: Secure, Private, and Seamless Connectivity | Official Support | ASUS Global

[VPN] How to set up a VPN server on ASUS router – OpenVPN | Official Support | ASUS Global

[Wireless Router] How to set up WireGuard® VPN server? | Official Support | ASUS Global

For the remote device/computer, they would use a VPN client.

OpenVPN Connect - VPN For Your Operating System | OpenVPN

Download the official OpenVPN Connect client VPN software for your operating system, developed and maintained by our experts. Get started with our VPN software.

openvpn.net

Installation - WireGuard

www.wireguard.com