News How a code re-use issue led to vulnerabilities in AsusWrt(-Merlin) and multiple other products

Jaime Alvarez

Regular Contributor
The one affecting Asuswrt is CVE-2022-26376. Judging from the report, if your firmware is ASUS 3.0.0.4.386_48706 / Merlin 386.1 or later you are not vulnerable.
 

RMerlin

Asuswrt-Merlin dev
Talos contacted me at the time to notify me of the CVE-2022-26376 issue, and I fixed it with 386.7. The Talos report is slightly inaccurate there as it mentions 386.1 instead. I'll contact them about that.
 
Similar threads
Thread starter Title Forum Replies Date
L Issue Connecting to Certain Sites? General Network Security 10

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top