What's new

PC Mag and others on 6/20/23: 19 Asus Routers Need Their Firmware Updated Immediately

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Not open for further replies.


Occasional Visitor
I wonder if we should revert to factory firmware temporarily?

PC Mag: Asus releases a patch for 9 serious security flaws, some of which are rated 'high' or 'critical.'
Asus released a critical firmware update for 19 of its wireless routers that fixes nine serious security flaws as well as 17 other vulnerabilities.

As Bleeping Computer reports(Opens in a new window), this is a firmware update owners of Asus routers shouldn't ignore. Of the nine security flaws it fixes, at least two are critical bugs that could allow an attacker to execute code or trigger a DDoS attack.

The full list of security fixes(Opens in a new window) contained in this firmware update are:

  • Fixed CVE-2023-28702, CVE-2023-28703, CVE-2023-31195, CVE-2022-46871, CVE-2022-38105, CVE-2022-35401, CVE-2018-1160, CVE-2022-38393, CVE-2022-26376
  • Fixed DoS vulnerabilities in firewall configuration pages.
  • Fixed DoS vulnerabilities in httpd.
  • Fixed information disclosure vulnerability.
  • Fixed null pointer dereference vulnerabilities.
  • Fixed the cfg server vulnerability.
  • Fixed the vulnerability in the log message function.
  • Fixed Client DOM Stored XSS
  • Fixed HTTP response splitting vulnerability
  • Fixed status page HTML vulnerability.
  • Fixed HTTP response splitting vulnerability.
  • Fixed Samba related vulnerabilities.
  • Fixed Open redirect vulnerability.
  • Fixed token authentication security issues.
  • Fixed security issues on the status page.
  • Enabled and supported ECDSA certificates for Let's Encrypt.
  • Enhanced protection for credentials.
  • Enhanced protection for OTA firmware updates.
The vulnerable routers requiring the update include the GT6(Opens in a new window), GT-AXE16000(Opens in a new window), GT-AX11000 PRO(Opens in a new window), GT-AXE11000(Opens in a new window), GT-AX6000(Opens in a new window), GT-AX11000(Opens in a new window), GS-AX5400(Opens in a new window), GS-AX3000(Opens in a new window), ZenWiFi XT9(Opens in a new window), ZenWiFi XT8(Opens in a new window), ZenWiFi XT8 V2(Opens in a new window), RT-AX86U PRO(Opens in a new window), RT-AX86U(Opens in a new window), RT-AX86S(Opens in a new window), RT-AX82U(Opens in a new window), RT-AX58U(Opens in a new window), RT-AX3000(Opens in a new window), TUF-AX6000(Opens in a new window), and TUF-AX5400(Opens in a new window).

Not open for further replies.

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!