Menu
What's new
By:
Filters Better Search

Security threat vulnerability Various AX Models !!!!

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
M

marcd5123

Regular Contributor
Hi Guys ..A very good friend of mine has just forwarded this to me . I own the 86U Pro .

"Hardware manufacturer Asus has released updates patching multiple critical vulnerabilities that allow hackers to remotely take control of a range of router models with no authentication or interaction required of end users.

The most critical vulnerability, tracked as CVE-2024-3080 is an authentication bypass flaw that can allow remote attackers to log into a device without authentication. The vulnerability, according to the Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC), carries a severity rating of 9.8 out of 10. Asus said the vulnerability affects the following routers:

Model nameSupport Site link
XT8 and XT8_V2https://www.asus.com/uk/supportonly/asus%20zenwifi%20ax%20(xt8)/helpdesk_bios/
RT-AX88Uhttps://www.asus.com/supportonly/RT-AX88U/helpdesk_bios/
RT-AX58Uhttps://www.asus.com/supportonly/RT-AX58U/helpdesk_bios/
RT-AX57https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax57/helpdesk_bios
RT-AC86Uhttps://www.asus.com/supportonly/RT-AC86U/helpdesk_bios/
RT-AC68Uhttps://www.asus.com/supportonly/RT-AC68U/helpdesk_bios/"

What do you guys think 🤔 👀
 
Please use the forum search, that specific CVE security warning has been posted and discussed in several past discussions since June 14/15th when Asus released their security notice and Bleeping Computer published their article on it. The seven routers mentioned had their firmware patched months ago to fix the specific CVE mentioned.
www.snbforums.com

ASUS Security Issues

I came across these today.
www.snbforums.com www.snbforums.com
www.snbforums.com

Is this a concern for those of us using Merlin firmware? (CVE-2024-3080)

Is this a concern for those of us using Merlin firmware? ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices. The flaw, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8 “critical”), is an...
www.snbforums.com www.snbforums.com
www.snbforums.com

ASUS warns of critical remote authentication bypass on 7 routers

ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices. The flaw, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8 “critical”), is an authentication bypass vulnerability allowing unauthenticated, remote...
www.snbforums.com www.snbforums.com
ASUS RT-AC68U Firmware version 3.0.0.4.386_51685 (2024/04/15) - Post #41
RT-AC68U End of Life Announced by Asus - Post #87

PS: Asus gives the standard suggestion(s) in the security notice for this specific CVE:
If you are not able to update the firmware quickly, please make sure that both your login and WiFi passwords are strong. It is recommended (1) disable any services that can be reached from the internet, such as remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger. (2) passwords have more than 10 characters with a variety of capitalized letters, numbers, and special characters to increase the security level of your devices. Do not use passwords with consecutive numbers or letters, such as 1234567890, abcdefghij, or qwertyuiop."
Click to expand...
Another PS: The seven mentioned routers, their patched firmware versions and when the firmware was published by Asus.
XT8: 3.0.0.4.388_24621 - 2024/03/19
XT8_V2: 3.0.0.4.388_24621 - 2024/03/19
RT-AX88U: 3.0.0.4.388_24209 - 2024/03/29
RT-AX58U: 3.0.0.4.388_24762 - 2024/04/12
RT-AX57: 3.0.0.4.386_52303 - 2024/04/08
RT-AC86U: 3.0.0.4.386_51925 - 2024/03/29
RT-AC68U: 3.0.0.4.386_51685 - 2024/04/15
 
Last edited:
bennor said:
Please use the forum search, that specific CVE security warning has been posted and discussed in several past discussions since June 14/15th when Asus released their security notice and Bleeping Computer published their article on it. The seven routers mentioned had their firmware patched months ago to fix the specific CVE mentioned.
www.snbforums.com

ASUS Security Issues

I came across these today.
www.snbforums.com www.snbforums.com
www.snbforums.com

Is this a concern for those of us using Merlin firmware? (CVE-2024-3080)

Is this a concern for those of us using Merlin firmware? ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices. The flaw, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8 “critical”), is an...
www.snbforums.com www.snbforums.com
www.snbforums.com

ASUS warns of critical remote authentication bypass on 7 routers

ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices. The flaw, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8 “critical”), is an authentication bypass vulnerability allowing unauthenticated, remote...
www.snbforums.com www.snbforums.com
ASUS RT-AC68U Firmware version 3.0.0.4.386_51685 (2024/04/15) - Post #41
RT-AC68U End of Life Announced by Asus - Post #87

PS: Asus gives the standard suggestion(s) in the security notice for this specific CVE:

Another PS: The seven mentioned routers, their patched firmware versions and when the firmware was published by Asus.
XT8: 3.0.0.4.388_24621 - 2024/03/19
XT8_V2: 3.0.0.4.388_24621 - 2024/03/19
RT-AX88U: 3.0.0.4.388_24209 - 2024/03/29
RT-AX58U: 3.0.0.4.388_24762 - 2024/04/12
RT-AX57: 3.0.0.4.386_52303 - 2024/04/08
RT-AC86U: 3.0.0.4.386_51925 - 2024/03/29
RT-AC68U: 3.0.0.4.386_51685 - 2024/04/15
Click to expand...
Thanks for the reply much appreciated 👍..That's fantastic news I was not aware of this just reading now thank you for all the information.🙂
 
Status
Not open for further replies.

Similar threads

N
Is this a concern for those of us using Merlin firmware? (CVE-2024-3080)
2
Replies
29
Views
5K
JIPG
JIPG
K
  • Locked
PC Mag and others on 6/20/23: 19 Asus Routers Need Their Firmware Updated Immediately
Replies
1
Views
3K
RMerlin
RMerlin
U
  • Locked
ASUS warns of critical remote authentication bypass on 7 routers
Replies
1
Views
2K
ColinTaylor
C
B
Release New Official XT8 Firmware: 3.0.0.4.386.46061
Replies
1
Views
6K
TMcC
T
WQ6N
UDP port 9999 infosvr Security Concerns?
Replies
2
Views
5K
WQ6N
WQ6N
Similar threads
Thread starter Title Forum Replies Date
SR-71 New Security-focused Firmware Updates Released for AX86U Pro & AX3000 ASUS AX Routers & Adapters (Wi-Fi 6/6e) 2
D Wi-Fi router security after dropping it ASUS AX Routers & Adapters (Wi-Fi 6/6e) 12
B Security Upgrade option on RT-AX88U Pro ASUS AX Routers & Adapters (Wi-Fi 6/6e) 12
D ax56u EOL and security? ASUS AX Routers & Adapters (Wi-Fi 6/6e) 10
M Asus rt ax86s usb datastick security ASUS AX Routers & Adapters (Wi-Fi 6/6e) 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 652 (members: 19, guests: 633)
Top