Menu
What's new
By:
Filters Better Search

Asus Router App Security Warning!

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

cmillar6

Senior Member
So I thought I would experiment with the Asus Router app on my iPhone. To my surprise the app has Remote Connection enabled by default and it goes ahead and enables DDNS for you without even asking. I would think they should at least warn you of this.
 
Thank you for this post. I’m just learning and indeed, the app turns those services on. I tried the app briefly and didn’t like it. I turned both off.

Thanks again!
 
Have not experienced this with either the Android or iOS version. However, I have https access in the router set before I connect the Asus app.

Sent from my P01M using Tapatalk
 
bbunge said:
Have not experienced this with either the Android or iOS version. However, I have https access in the router set before I connect the Asus app.

Sent from my P01M using Tapatalk
Click to expand...

As has been discussed in other threads, https should not be considered secure for these routers, and it advised to to not allow connection to the router interface from outside of the router network by https. A properly configured VPN tunnel is the only safe means.
 
maxbraketorque said:
As has been discussed in other threads, https should not be considered secure for these routers, and it advised to to not allow connection to the router interface from outside of the router network by https. A properly configured VPN tunnel is the only safe means.
Click to expand...
I said nothing about connecting from the WAN. My intent was to state that the app did not turn on WAN access! I have noticed the app likes to use https even on the LAN connection so I enable https, actually both, when i configure the router. There is no reason to consider the Asus router app insecure.

Sent from my P01M using Tapatalk
 
bbunge said:
I said nothing about connecting from the WAN. My intent was to state that the app did not turn on WAN access! I have noticed the app likes to use https even on the LAN connection so I enable https, actually both, when i configure the router. There is no reason to consider the Asus router app insecure.

Sent from my P01M using Tapatalk
Click to expand...

ok. I was assuming that since you are connecting by https that you connect from outside the network.
 
I can confirm that the app, both the iOS and Android, will turn on "Enable Web Access from WAN" and DDNS with a generated "Host Name." I had occasion to reset my RT-AC66U B1 to factory settings and decided to see what happened.
I can also confirm that the apps do not mess with these settings if "Authentication Method" is set to both before you try to connect to the router with either app.
Still, having the app turn on WAN access and randomly set a DDNS is not a good idea at all from a security standpoint. Most home users have no clue what the risks are! I had my DDNS turned on the other day and within a short time the router was probed from two IP addresses from Sao Paulo, Br. AiProtection caught both.
Has anyone filed a complaint to Asus about this?
 
Using the app and here there is no modification whatsoever on WAN access or DDNS. Very weird what is happening there.



Sent from FRD-L19 with Tapatalk
 
You must log in or register to reply here.

Similar threads

K
ASUS iOS app not finding router AX89U Pro 3.0.0.6.102_21514
Replies
5
Views
746
bbunge
bbunge
P
app router for android error 13000
Replies
1
Views
244
RMerlin
RMerlin
J
Update Username/Password in ASUS Router App After changing these remotely by VPN
Replies
3
Views
1K
iFrogMac
I
K
ASUS Router app for iOS not detecting GT-AX6000 router it is connected to
Replies
10
Views
438
Tech9
Tech9
bbunge
Release ASUS RT-AX86U Pro Firmware version 3.0.0.4.388_24198 08NOV23
Replies
10
Views
3K
PunchCardBoss
PunchCardBoss
Similar threads
Thread starter Title Forum Replies Date
K ASUS iOS app not finding router AX89U Pro 3.0.0.6.102_21514 ASUSWRT - Official 5
J Update Username/Password in ASUS Router App After changing these remotely by VPN ASUSWRT - Official 3
P Asus Router tuf ax4200 log enquiry ASUSWRT - Official 0
R ASUS RT-AX88U Router Is showing Ethernet Ports Notice under Network Map -> System Status -> Status ASUSWRT - Official 20
Tech9 Resetting Asus router remotely question ASUSWRT - Official 11
D It took 48 hours, but the mystery of the mass Asus router outage is solved ASUSWRT - Official 61
jixiangyuan ASUS GT-BE98 Firmware version 3.0.0.6.102_34372 - 2024/04/23 ASUSWRT - Official 9
bbunge Release ASUS RT-AC66U B1 Firmware version 3.0.0.4.386_51685 2024/04/15 ASUSWRT - Official 3
Intrepid Release ASUS RT-AC68U Firmware version 3.0.0.4.386_51685 (2024/04/15) ASUSWRT - Official 19
P ASUS RT-AX58 - Firmware version 3.0.0.4.388.24762 ASUSWRT - Official 9

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,013 (members: 37, guests: 976)
Top