If you own an Asus router, you should update the firmware to protect against critical vulnerabilities right now

June 22, 2023

Asus is recommending users update the firmware on some of its most popular routers in order to address critical security vulnerabilities. The updates include fixes or mitigations for nine security vulnerabilities.

According to Bleeping Computer, the CVE-2022-26376 and CVE-2018-1160 vulnerabilities are the most worrisome. The first is a memory corruption vulnerability that could let attackers launch DoS attacks or even execute code. It carries a critical 9.8/10 severity rating according to the NIST’s National Vulnerability Database.

The second is a five-year-old vulnerability with the same 9.8/10 critical rating. It too can allow an attacker to execute code. Both methods place the router at risk of becoming part of a botnet or used for all kinds of nefarious purposes.

The list of affected models follows: GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000, and TUF-AX5400.

Asus clearly believes these are significant issues. “Please note, if you choose not to install this new firmware version, we strongly recommend disabling services accessible from the WAN side to avoid potential unwanted intrusions. These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger,” Asus said on its Product Security Advisory webpage.

In other words, turn off your internet. Eek.

An unpatched router will be at risk of being turned into a botnet zombie, which can then be used to carry out a variety of scummy actions including Denial of Service attacks, password theft, or sending spam emails.

Asus routers have been targeted in the past. Last year its devices were vulnerable to the Cyclops Blink malware. Asus is not the only router manufacturer to have security issues, though. Pretty much every manufacturer faces them at some point. In 2020, the Fraunhofer Institute for Communication (FKIE) examined 127 home routers from several manufacturers, and all 127 had vulnerabilities.

Check for router updates regularly, folks! Its either that or ditch the internet altogether.

Original Source Link

June 22, 2023

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Every announcement from the Nintendo Direct June 2023

Review: Despot’s Game (Nintendo Switch)

Related Articles

Who can you invite to the Hades 2 hot tub?

Clay for Sale at Stardew Valley Nexus

Microsoft announces 4 studio closures—including Arkane Austin and Tango Gameworks, creators of Prey and Hi-Fi Rush respectively

Wordle today: Answer and hint #1053 for May 7

Leave a Reply Cancel reply

Adblock Detected