At this point, it’s still unclear whether Asus has fixed this flaw (i.e., the lack of proper verification when updating records).
From that website:
"We informed ASUS of this zero-day attack scenario in May 2023, with a promised fix in July 2023."
At this point, it’s still unclear whether Asus has fixed this flaw (i.e., the lack of proper verification when updating records).
As the link you posted indicates Asus "promised fix in July 2023". Per the following advisory from Asus there was a DDNS fix issued in July of 2023:Details of this vulnerability on the Black Hat Briefing here which includes slides that explain the exploitation process in detail.
At this point, it’s still unclear whether Asus has fixed this flaw (i.e., the lack of proper verification when updating records).
07/25/2023 Strengthening DDNS Security for RT-AX1800U, RT-AX3000, RT-AX3000 v2, RT-AX86U, TUF-AX3000 and TUF-AX5400
The RT-AX1800U, RT-AX3000, RT-AX3000 v2, RT-AX86U, TUF-AX3000 and TUF-AX5400 router models now allow binding DDNS to a user's account to mitigate the risk of Man-in-the-Middle (MITM) attacks. We advise taking the following actions:
1. If you're not managing your router with the ASUS Router App, we recommend installing it. The app can be found by searching for "ASUS Router App" in the iOS App Store or Google Play. For more information about the app, please refer to this link: https://www.asus.com/content/asus-router-app/
2. Update your router to the latest firmware using the ASUS Router App. Here's how you can do it: https://www.asus.com/support/FAQ/1045788/
3. Connect your device to your account: Detailed instructions on how to do this are provided here: https://www.asus.com/support/FAQ/1048185
Please note, if you choose not to connect your device to your account, we strongly recommend disabling services accessible from the WAN side to avoid potential unwanted intrusions. These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger.
(See link for rest of notice)
Seems ironic to me that their recommendation was to use the Asus app when it was that very app which was leaking the router login credentials to the dns poisoned rogue websites.As the link you posted indicates Asus "promised fix in July 2023". Per the following advisory from Asus there was a DDNS fix issued in July of 2023:
https://www.asus.com/content/asus-product-security-advisory/
Agree; it seems like all the other Routers are getting updates, yet (one of) the most popular Models (based on the weekly no. of Merlin Downloads alone, not ASUS) is not ... yet.Asus really has to do something fast about RT-AX86U/S. There is another report for damaged RT-AX86U along with connected to it RT-AX82U nodes. Not sure how this malware spreads to AiMesh nodes as well.
Solved - RT-AX86U - Stuck on old firmware (solved!), WiFi not working (solved!)
You can restore the router, write to telegram I also got compromised this Monday. my situation is a little worse i had two ax-82u's connected as nodes. they also seem to be affected. i have a Gundam Zaku 2 ax-86u as my main router. i was initially able to get into the router by hard resetting...www.snbforums.com
AI Overview
Considering the EOL RT-AC68U just got a firmware update to address the recent security vulnerability, I'd venture to guess the RT-AX86U will get one as well in the coming days. The RT-AX86U last firmware update was just six months ago (2024/05/13 - 3.0.0.4.388_24243).At this point I'm seeing more info in favor saying the original RT-AX86U is no longer supported....
Right, that's the firmware I have on the router. As I've mentioned though, to make sure I was safe, and also because I wanted access to faster than 1G Ethernet I bought an RT-BE92U. I just felt it was the overall best choice in my case, and if the RT-AX86U did continue to get updates I would have it as a backup router. I just won't have to depend on it as the main router now. Yes, I saw several EOL routers get updates, that's why I find the situation frustrating to deal with. I had actually bought and had been using the new Router prior to even hearing about this Malware. I'll just keep an eye on this thread, and see what happens. Thanks.Considering the EOL RT-AC68U just got a firmware update to address the recent security vulnerability, I'd venture to guess the RT-AX86U will get one as well in the coming days. The RT-AX86U last firmware update was just six months ago (2024/05/13 - 3.0.0.4.388_24243).
OK @Tech9, dial back the snark.Forget about this AI crap.
Well, after reading the AC68U got an upgrade I checked the AC66U B1 and sure enough it too got an upgrade (not surprising they are the same hardware).Considering the EOL RT-AC68U just got a firmware update to address the recent security vulnerability, I'd venture to guess the RT-AX86U will get one as well in the coming days. The RT-AX86U last firmware update was just six months ago (2024/05/13 - 3.0.0.4.388_24243).
In terms of Google's AI Answers I never took it as the final answer, or official answer. I used it to look for an official source of info that could be backed up. I have seen AI answers that do have correct info as I am familiar with the info given so in those cases I can back up with facts that those answers were correct. The RT-AX86U solution though is a bit harder because there is no proven facts of it receiving a firmware upgrade. It's all just speculation right now and someone's best guess on other information that could potentially lead to people being right and an update to patch the issues is still coming. So as I have said before, I did what I felt best for my situation and didn't rely on other people to cover my back in a solution.Well, after reading the AC68U got an upgrade I checked the AC66U B1 and sure enough it too got an upgrade (not surprising they are the same hardware).
So, with an abundance of caution I replaced the AX86U mesh node with the AC66U B1 until the AX86U gets an upgrade.
@Tech9, I agree about the AI stuff. Searching Google recently has resulted in AI answers that were inaccurate or just plane wrong. And the sad part is that the general public will believe those answers!
That was my whole point, Google said one thing, people on this forum said something else, Asus hasn't said anything officially yet. So, with the exception of @RMerlin , or maybe @thiggins , info on this forum is just as useless and unconfirmed as it is from Google, unless whoever presents the info can back it coming from Asus directly (in this case.). If this forum has confirmed anything to me at this point, it's there is malware and it needs to be patched, which also confirmed my concerns of continuing to use the RT-AX86U as a daily router due to lack frequent firmware updates. So, until Asus steps up and and provides an official firmware update. I'll just consider anyone talking about one coming wishful thinking, as all the other evidence I have shows it's out of support, at least on the surface. However, I'm willing to let Asus come through and provide the update to show this particular model and the users of it, are still of concern to them. They could also use this opportunity to force people to buy a new router, to have the problem fixed. just have to wait and see what happens.I don’t see RT-AX86U and RT-AX88U on Asus EoL list so whenever Google AI is saying is irrelevant. This information has to come from Asus.
Count me in, as I already didY'all gotta start voting with your wallet
What did you go with?Count me in, as I already did
The Asus RT-BE92U. Almost the same form factor as the RT-AX86U but has one 10 G LAN/WAN and 4 2.5G ports with one also being a WAN option and it has 6GHz.What did you go with?
ASUS EOL list for routers has the AX-86U as EOL.
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!