What's new

Security threat vulnerability Various AX Models !!!!

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.

marcd5123

Regular Contributor
Hi Guys ..A very good friend of mine has just forwarded this to me . I own the 86U Pro .

"Hardware manufacturer Asus has released updates patching multiple critical vulnerabilities that allow hackers to remotely take control of a range of router models with no authentication or interaction required of end users.

The most critical vulnerability, tracked as CVE-2024-3080 is an authentication bypass flaw that can allow remote attackers to log into a device without authentication. The vulnerability, according to the Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC), carries a severity rating of 9.8 out of 10. Asus said the vulnerability affects the following routers:

Model nameSupport Site link
XT8 and XT8_V2https://www.asus.com/uk/supportonly/asus%20zenwifi%20ax%20(xt8)/helpdesk_bios/
RT-AX88Uhttps://www.asus.com/supportonly/RT-AX88U/helpdesk_bios/
RT-AX58Uhttps://www.asus.com/supportonly/RT-AX58U/helpdesk_bios/
RT-AX57https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax57/helpdesk_bios
RT-AC86Uhttps://www.asus.com/supportonly/RT-AC86U/helpdesk_bios/
RT-AC68Uhttps://www.asus.com/supportonly/RT-AC68U/helpdesk_bios/"

What do you guys think 🤔 👀
 
Please use the forum search, that specific CVE security warning has been posted and discussed in several past discussions since June 14/15th when Asus released their security notice and Bleeping Computer published their article on it. The seven routers mentioned had their firmware patched months ago to fix the specific CVE mentioned.
ASUS RT-AC68U Firmware version 3.0.0.4.386_51685 (2024/04/15) - Post #41
RT-AC68U End of Life Announced by Asus - Post #87

PS: Asus gives the standard suggestion(s) in the security notice for this specific CVE:
If you are not able to update the firmware quickly, please make sure that both your login and WiFi passwords are strong. It is recommended (1) disable any services that can be reached from the internet, such as remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger. (2) passwords have more than 10 characters with a variety of capitalized letters, numbers, and special characters to increase the security level of your devices. Do not use passwords with consecutive numbers or letters, such as 1234567890, abcdefghij, or qwertyuiop."
Another PS: The seven mentioned routers, their patched firmware versions and when the firmware was published by Asus.
XT8: 3.0.0.4.388_24621 - 2024/03/19
XT8_V2: 3.0.0.4.388_24621 - 2024/03/19
RT-AX88U: 3.0.0.4.388_24209 - 2024/03/29
RT-AX58U: 3.0.0.4.388_24762 - 2024/04/12
RT-AX57: 3.0.0.4.386_52303 - 2024/04/08
RT-AC86U: 3.0.0.4.386_51925 - 2024/03/29
RT-AC68U: 3.0.0.4.386_51685 - 2024/04/15
 
Last edited:
Please use the forum search, that specific CVE security warning has been posted and discussed in several past discussions since June 14/15th when Asus released their security notice and Bleeping Computer published their article on it. The seven routers mentioned had their firmware patched months ago to fix the specific CVE mentioned.
ASUS RT-AC68U Firmware version 3.0.0.4.386_51685 (2024/04/15) - Post #41
RT-AC68U End of Life Announced by Asus - Post #87

PS: Asus gives the standard suggestion(s) in the security notice for this specific CVE:

Another PS: The seven mentioned routers, their patched firmware versions and when the firmware was published by Asus.
XT8: 3.0.0.4.388_24621 - 2024/03/19
XT8_V2: 3.0.0.4.388_24621 - 2024/03/19
RT-AX88U: 3.0.0.4.388_24209 - 2024/03/29
RT-AX58U: 3.0.0.4.388_24762 - 2024/04/12
RT-AX57: 3.0.0.4.386_52303 - 2024/04/08
RT-AC86U: 3.0.0.4.386_51925 - 2024/03/29
RT-AC68U: 3.0.0.4.386_51685 - 2024/04/15
Thanks for the reply much appreciated 👍..That's fantastic news I was not aware of this just reading now thank you for all the information.🙂
 
Status
Not open for further replies.

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top