ASUS Routers are vulnerable to "Remote Code Execution"

Envoyé le: 2023-09-05 | 08:57 · 1 Reply · Permalien · Traduction:

English

Anyone with the following three, ASUS router models should check for firmware updates as they are vulnerable: ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U

https://www.bleepingcomputer.com/news/security/asus-routers-vulnerable-t...

From the article:

The flaws

The three vulnerabilities that were disclosed earlier today by the Taiwanese CERT are the following:

CVE-2023-39238: Lack of proper verification of the input format string on the iperf-related API module ‘ser_iperf3_svr.cgi’.

CVE-2023-39239: Lack of proper verification of the input format string in the API of the general setting function.

CVE-2023-39240: Lack of proper verification of the input format string on the iperf-related API module ‘ser_iperf3_cli.cgi’.

The above issues impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U in firmware versions 3.0.0.4.386_50460, 3.0.0.4.386_50460, and 3.0.0.4_386_51529 respectively.

The recommended solution is to apply the following firmware updates:

RT-AX55: 3.0.0.4.386_51948 or later

RT-AX56U_V2: 3.0.0.4.386_51948 or later

RT-AC86U: 3.0.0.4.386_51915 or later

ASUS released patches that address the three flaws in early August 2023 for RT-AX55, in May 2023 for AX56U_V2, and in July 2023 for RT-AC86U.

MS Certified Professional : Windows 11 Home/Pro 23H2 x 64 build 22631.2792 / Windows 10 Pro x 64 version 22H2 / build 19045.3758 / Norton Security Ultra - Norton 360 Deluxe ver. 22.23.10.10 / Opera GX LVL5 (core: 104.0.4944.70) 64 bit-Early Access w/Norton Chrome Extensions / Android 14 One UI 6.1

J'ai la même question0

Introducing Norton Safe Email!

ASUS Routers are vulnerable to "Remote Code Execution"

The flaws

Related Posts

Introducing Norton Safe Email!

The flaws

Se connecter or register to participate.

Related Posts