Kudos1 Estatísticas

ASUS Routers are vulnerable to "Remote Code Execution"

Anyone with the following three, ASUS router models should check for firmware updates as they are vulnerable: ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U 

https://www.bleepingcomputer.com/news/security/asus-routers-vulnerable-t...

From the article:

The flaws

The three vulnerabilities that were disclosed earlier today by the Taiwanese CERT are the following:

  1. CVE-2023-39238: Lack of proper verification of the input format string on the iperf-related API module ‘ser_iperf3_svr.cgi’.
  2. CVE-2023-39239: Lack of proper verification of the input format string in the API of the general setting function.
  3. CVE-2023-39240: Lack of proper verification of the input format string on the iperf-related API module ‘ser_iperf3_cli.cgi’.

The above issues impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U in firmware versions 3.0.0.4.386_50460, 3.0.0.4.386_50460, and 3.0.0.4_386_51529 respectively.

The recommended solution is to apply the following firmware updates:

ASUS released patches that address the three flaws in early August 2023 for RT-AX55, in May 2023 for AX56U_V2, and in July 2023 for RT-AC86U.

SA

MS Certified Professional : Windows 11 Home/Pro 23H2 x 64 build 22631.3155 / Windows 10 Pro x 64 version 22H2 / build 19045.4046 / Norton Security Ultra / Norton 360 Deluxe ver. 22.24.1.6 / Opera GX LVL5 (core:106.0.4998.76) 64 bit-Early Access w/Norton Chrome Extensions / Android 14 One UI 6.1