Menu
What's new
By:
Filters Better Search

PC Mag and others on 6/20/23: 19 Asus Routers Need Their Firmware Updated Immediately

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
K

Katmeat

Occasional Visitor
I wonder if we should revert to factory firmware temporarily?

PC Mag: Asus releases a patch for 9 serious security flaws, some of which are rated 'high' or 'critical.'
Asus released a critical firmware update for 19 of its wireless routers that fixes nine serious security flaws as well as 17 other vulnerabilities.

As Bleeping Computer reports(Opens in a new window), this is a firmware update owners of Asus routers shouldn't ignore. Of the nine security flaws it fixes, at least two are critical bugs that could allow an attacker to execute code or trigger a DDoS attack.

The full list of security fixes(Opens in a new window) contained in this firmware update are:

  • Fixed CVE-2023-28702, CVE-2023-28703, CVE-2023-31195, CVE-2022-46871, CVE-2022-38105, CVE-2022-35401, CVE-2018-1160, CVE-2022-38393, CVE-2022-26376
  • Fixed DoS vulnerabilities in firewall configuration pages.
  • Fixed DoS vulnerabilities in httpd.
  • Fixed information disclosure vulnerability.
  • Fixed null pointer dereference vulnerabilities.
  • Fixed the cfg server vulnerability.
  • Fixed the vulnerability in the log message function.
  • Fixed Client DOM Stored XSS
  • Fixed HTTP response splitting vulnerability
  • Fixed status page HTML vulnerability.
  • Fixed HTTP response splitting vulnerability.
  • Fixed Samba related vulnerabilities.
  • Fixed Open redirect vulnerability.
  • Fixed token authentication security issues.
  • Fixed security issues on the status page.
  • Enabled and supported ECDSA certificates for Let's Encrypt.
  • Enhanced protection for credentials.
  • Enhanced protection for OTA firmware updates.
The vulnerable routers requiring the update include the GT6(Opens in a new window), GT-AXE16000(Opens in a new window), GT-AX11000 PRO(Opens in a new window), GT-AXE11000(Opens in a new window), GT-AX6000(Opens in a new window), GT-AX11000(Opens in a new window), GS-AX5400(Opens in a new window), GS-AX3000(Opens in a new window), ZenWiFi XT9(Opens in a new window), ZenWiFi XT8(Opens in a new window), ZenWiFi XT8 V2(Opens in a new window), RT-AX86U PRO(Opens in a new window), RT-AX86U(Opens in a new window), RT-AX86S(Opens in a new window), RT-AX82U(Opens in a new window), RT-AX58U(Opens in a new window), RT-AX3000(Opens in a new window), TUF-AX6000(Opens in a new window), and TUF-AX5400(Opens in a new window).
 
Guys...

www.snbforums.com

PC Mag and others on 6/20/23: 19 Asus Routers Need Their Firmware Updated Immediately

I wonder if we should revert to factory firmware temporarily? PC Mag: Asus releases a patch for 9 serious security flaws, some of which are rated 'high' or 'critical.' Asus released a critical firmware update for 19 of its wireless routers that fixes nine serious security flaws as well as 17...
www.snbforums.com www.snbforums.com
www.snbforums.com

Important news from Asus, ask to update the following routers.

Fixed CVE-2023-28702, CVE-2023-28703, CVE-2023-31195, CVE-2022-46871, CVE-2022-38105, CVE-2022-35401, CVE-2018-1160, CVE-2022-38393, CVE-2022-26376 Fixed DoS vulnerabilities in firewall configuration pages. Fixed DoS vulnerabilities in httpd. Fixed information disclosure vulnerability. Fixed...
www.snbforums.com www.snbforums.com
www.snbforums.com

ASUS Product Security Advisory

ASUS has posted an advisory for the following routers, here is the link https://www.asus.com/content/asus-product-security-advisory/. Document states new firmware should be implemented asap. Here is also a link to the Neowin article...
www.snbforums.com www.snbforums.com

www.snbforums.com

ASUS urges customers to patch critical router vulnerabilities

“ASUS urges customers to patch critical router vulnerabilities”: https://www.bleepingcomputer.com/news/security/asus-urges-customers-to-patch-critical-router-vulnerabilities/ (Was this already posted somewhere?) “The list of impacted devices includes the following models: GT6, GT-AXE16000...
www.snbforums.com www.snbforums.com
 
Status
Not open for further replies.

Similar threads

azagramac
  • Locked
Important news from Asus, ask to update the following routers.
Replies
1
Views
1K
RMerlin
RMerlin
N
Release ASUS TUF-AX5400 Firmware version 3.0.0.4.388_24121
2
Replies
32
Views
4K
Igs
I
d5aqoep
ASUS GT-AX11000 PRO Firmware version 3.0.0.4.388_24721 (5th March 2024)
Replies
0
Views
553
d5aqoep
d5aqoep
visortgw
Release ASUS RT-AX68U Firmware version 3.0.0.4.388_24646 (2024/02/26)
Replies
19
Views
2K
Tech9
Tech9
escape75
RT-AX68U Merlin vs. 3.0.0.4.388_24646
Replies
0
Views
420
escape75
escape75
Similar threads
Thread starter Title Forum Replies Date
G Asus xt9 google safesearch ASUS AX Routers & Adapters (Wi-Fi 6/6e) 0
H Question about (normal) guest network with ASUS ROG Rapture GT-AX6000 ASUS AX Routers & Adapters (Wi-Fi 6/6e) 9
A ASUS XT8 dropout - momentarily disconnection ASUS AX Routers & Adapters (Wi-Fi 6/6e) 1
T Asus rog rapture gt-axe16000 ASUS AX Routers & Adapters (Wi-Fi 6/6e) 3
M ASUS RT-AX86U AiCloud HDD device list "Stacked" ASUS AX Routers & Adapters (Wi-Fi 6/6e) 9
I Question about multiple 5Ghz networks . Asus GT-AXE16000 ASUS AX Routers & Adapters (Wi-Fi 6/6e) 2
R ASUS RT-AX86U Double Hop VPN? ASUS AX Routers & Adapters (Wi-Fi 6/6e) 2
D ASUS RT-AX86U OpenVPN Server Error - Key Too Small ASUS AX Routers & Adapters (Wi-Fi 6/6e) 4
S Asus RT-AX86U and RT-AX86S seem to freeze after a week or so. ASUS AX Routers & Adapters (Wi-Fi 6/6e) 1
G Asus RT-AX89X firmware ОреnWRT ASUS AX Routers & Adapters (Wi-Fi 6/6e) 4

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 984 (members: 34, guests: 950)
Top