ASUS RT-AC87r strange security problem

badstuff9

Asus RT-AC87R, firmware version 3.0.0.4.382_51640.

I discovered something very strange.

I have an external drive plugged into the USB port on the router. The drive contains photos, songs, movies.

I thought, it would be nice to view that stuff remotely over the internet when with family, etc. So, I enabled the AiCloud, both "Cloud Disk" and "Smart Access". It worked; after remotely logging in I was able to view the files on the attached external drive. And I was also able to access remotely other networked devices in our home, which is a very nice feature. So, for example, if I logged into https://example.asuscomm.com, I could explore the various networked devices, for example https://example.asuscomm.com/device1. However.....

After I logged out, the next time I logged in, I wanted to look at something on device1. So, when logging in, instead of logging in to https://example.asuscomm.com and then navigating to device1, I thought, I'll just go directly to https://example.asuscomm.com/device1, enter my login credentials, and then I'll be directly where I want to be. But, to my amazement and horror, when I entered https://example.asuscomm.com/device1, I did not get asked to enter any credentials at all - instead, I was taken directly to device1, and I had full, wide open access to everything on device1!

I cannot understand this. What am I doing wrong that it won't ask me for credentials when I enter https://example.asuscomm.com/device1, but it will if I enter https://example.asuscomm.com? Am I missing a setting of some sort?

Interested in any help, I am not very knowledgeable at all about this stuff, so I am assuming I am missing some obscure setting.

In the meantime, I have completely turned off the AiCloud stuff, and all the Servers Center stuff (UPnP, iTunes, FTP, and Network Places (Samba)), just to be safe. After doing that, I no longer can get full remote access on a networked device without credentials being asked for - but of course, I don't have any remote access at all now.

Thanks in advance.
 
> Asus RT-AC87R, firmware version 3.0.0.4.382_51640.
>
> I discovered something very strange. (snip) ...when I entered https://example.asuscomm.com/device1, I did not get asked to enter any credentials at all - instead, I was taken directly to device1, and I had full, wide open access to everything on device1!
> Thanks in advance.

Did you ever get an answer to this? (and) Did you try flushing the cache on your browser, or using a different browser to replicate the problem?

Sky
 
Your reply is the only one I've received. I have no answer to my original message.

Different browsers: Same problem.

Flashing the cache - Nope. Don't know what that means.
 
> Your reply is the only one I've received. I have no answer to my original message.

Well, this is really late, so first off let me say the most probable reasons you never got a reply are (a) no one had what they felt was an authoritative answer or suggestion; and/or (b) no one saw your post. That happens sometimes. They really are a great bunch, but they can be kind of quiet sometimes.

> Different browsers: Same problem.
>
> Flashing (sic) the cache - Nope. Don't know what that means.

Different browsers—same issue—probably means it's not in the browser cache, unless all browsers had been previously used for access. The cache is used for faster access on future visits. To flush the cache in:
  • IE-11 key combination [ctrl+shift+del]
  • Chrome key combination [ctrl+shift+del]
  • Firefox key combination [ctrl+shift+del]
  • Safari key combination [cmd+shift+del]

Most browsers from the last several years allow users to retain usernames and passwords at the browser. Many/most/all (sometimes) also automatically pass that data to the website. It's an ease-of-use feature that can be handy, but also very disconcerting (IMO) if you did not set up the browser or are unfamiliar with the way it works. These website|username|password combinations may be held in cookies or a separately maintained database managed by the browser. The Mozilla-type browsers, e.g., Edge, Chrome, Firefox, retain such a database on the user's device. They also offer to keep a copy on a cloud service. Caveat emptor with that.

There are similar steps to clear cookies, clear passwords, etc. Generally you should Google or DDG (duck duck go) "how to ____" for any of them and get a quick answer or keyboard shortcut. I think ddg is pretty popular around here. Use it a few times and you'll see why.

The router also has a cache but I don't think it would allow you in that way. @RMerlin or others more familiar with the fw would know.

Have you encountered other "suspicious" behavior?

Sky
 

I really don't think the browser is the problem - I didn't state this originally, but the very first time I saw this problem was when using someone else's computer that I had never used before. Then on other computers using other browsers I saw the same problem.

I have not seen any other suspicious behavior.
 
> the very first time I saw this problem was when using someone else's computer that I had never used before. Then on other computers using other browsers I saw the same problem.

You're probably right, assuming you had not logged in on those computers then left and went back in. A browser flush is an easy fix—if it works. My only other suggestion would be a factory reset of the router which would leave you re-entering all of your custom settings, a painstaking task at minimum.

It's also the end of my knowledge for this sort of thing. Try reaching out to @RMerlin. You might also try doing a search for "AiCloud password" across the entire site to start. It will take some time, but your answer may be there.

Sky

NOTE: I errantly said search for VPN password—oops—fixed by edit.
 

It's very similar to former XSS issues.
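
A way to reproduce the report with no browser state at all, as an added example that is not part of the thread and not ASUS code: it requests each path from a client that has no cookie jar or saved passwords and reports whether the server demanded a login. The `StandIn` server, `classify`, `audit` and the sample paths are constructed for illustration; against a real router you would pass your own base URL and paths to `audit`.

```python
import http.server
import threading
import urllib.error
import urllib.request

class NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # surface 30x responses instead of following them

def classify(url, timeout=5):
    """Fetch url from a clean client: no cookie jar, no saved credentials, no proxy."""
    opener = urllib.request.build_opener(NoRedirect, urllib.request.ProxyHandler({}))
    try:
        with opener.open(url, timeout=timeout) as resp:
            body = resp.read(65536).lower()
    except urllib.error.HTTPError as err:
        if err.code in (401, 403):
            return "auth required"
        if err.code in (301, 302, 303, 307, 308):
            return "redirect to " + err.headers.get("Location", "?")
        return "http %d" % err.code
    # A 200 can still be a login form, so look for a password field.
    return "login page" if b'type="password"' in body else "OPEN WITHOUT LOGIN"

def audit(base, paths):
    return {p: classify(base + p) for p in paths}

class StandIn(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in that mimics the reported behaviour; not router code."""
    def do_GET(self):
        if self.path.startswith("/device1"):
            self._send(200, b"<html>file listing</html>")
        else:
            self._send(401, b"login required")
    def _send(self, code, body):
        self.send_response(code)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args):
        pass  # keep the demo quiet

def demo():
    srv = http.server.HTTPServer(("127.0.0.1", 0), StandIn)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    try:
        return audit("http://127.0.0.1:%d" % srv.server_port, ["/", "/device1"])
    finally:
        srv.shutdown()
        srv.server_close()

if __name__ == "__main__":
    print(demo())
```

Any path that comes back as "OPEN WITHOUT LOGIN" from a client like this cannot be explained by cached pages, cookies or stored passwords.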
 
