RT-AX86U 3.0.0.4.388_24243 hacked

Radek8

New Around Here
FW for RT AX86U - 3.0.0.4.388_24243 dated 2024/05/13
says:
- Fixed the injection vulnerability in AiCloud.
- Fixed the code execution vulnerability in AiCloud. Thanks to the contribution of chumen77.
And even with this FW, the router was hacked.
 
FW for RT AX86U - 3.0.0.4.388_24243 dated 2024/05/13
says:
- Fixed the injection vulnerability in AiCloud.
- Fixed the code execution vulnerability in AiCloud. Thanks to the contribution of chumen77.
And even with this FW, the router was hacked.
That May fix is not related to the current issue.
I wonder if asus are even aware there's an issue.
 
And even with this FW, the router was hacked.

Seems like additional conditions have to be met, because I had a bait router of the same model and firmware running for about a week with both AiCloud active and Access from WAN enabled with weak passwords, and it didn't catch anything. Had to stop it because of system changes. It perhaps needs user activity, more time and a public WAN IP. Mine was running in a DMZ; I have a modem only used by my main network.
 
The solution here is NOT continually waiting for fixes to these hacks. It's vowing NEVER EVER to allow direct access to services over the WAN except for OpenVPN server. And even then, you could redirect from the WAN to another internal device supporting OpenVPN server on a much more hardened platform.

In my own case, I run OpenVPN server internally, and keep it on a device which itself is managed using a wifi-enabled AC adapter and my smartphone, so it's only running on-demand. Why keep something running 24/7 when you're using it 5% or less of the time?

Another strategy (when practical) is to limit access based on known public source IPs. If you're always accessing it from your workplace, a second home, the same wifi cafe, etc., you can severely limit your exposure, even if the service is compromised.

I understand the convenience these services offer. But opening them to the public at large 24/7 is just asking for trouble. They aren't written w/ security and privacy as a major concern, but simply to add bullet-points in the marketing, regardless of the risk.

If you need such capabilities, you need to put more effort in creating better solutions.
 
If you need such capabilities, you need to put more effort in creating better solutions.

Correct, but not expected from an average user of this type of consumer device.
 
Correct, but not expected from an average user of this type of consumer device.

Fair point. But I have to assume most users active on this platform (and particularly this Merlin forum) are NOT typical, so it behooves them to put more effort into finding an appropriate solution than simply assuming what ASUS makes available is safe.
 
and particularly this Merlin forum

Yes, people reading SNB Forums have an advantage: early warning or an eventual workaround. The thread was posted in the wrong forum though. It's about stock Asuswrt not updated for months. There was a round of firmware updates recently for other models, but Asus forgot about the still popular RT-AX86U.
 
FW for RT AX86U - 3.0.0.4.388_24243 dated 2024/05/13
says:
- Fixed the injection vulnerability in AiCloud.
- Fixed the code execution vulnerability in AiCloud. Thanks to the contribution of chumen77.
And even with this FW, the router was hacked.
So not Merlin FW?
 
That May fix is not related to the current issue.
I wonder if asus are even aware there's an issue.
What current issue? Did I miss news/thread 🧐🧐🧐
 
This thread has been edited and much was merged with the other thread. These are the dregs of a dead thread now.
Merged with this:
 
This thread has been edited and much was merged with the other thread. These are the dregs of a dead thread now.
Merged with this:
Thanks, very interesting read. I’m behind CG-Nat, if not I would have many more features switched on
 
I had this same issue on my GT-AXE11000. I disabled AiCloud services and changed the password, and now it's working fine.
 
The same issue was reported when running both Asuswrt and Asuswrt-Merlin firmware. Suspected AiCloud is an Asus closed-source component.

Thanks, I don't use clouds, I like sunshine. Anything not necessary is turned off on my router.
 