What's new

vpnMentor: Asus Router App Leaks Customer Data and Exposes Alexa Users

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

vpnMentor: “Asus Router App Leaks Customer Data and Exposes Alexa Users”

https://www.vpnmentor.com/blog/report-asus-alexa-leak/

Pretty confused by this article...

What is “the AsusWRT App”? (Mobile App? Web interface?)

Where can we find relevant details?

They seem to be confused in the ASUS terminology themselves. vpnMentor is pretty worthless in terms of quality most of the time anyway.
 
They seem to be confused in the ASUS terminology themselves. vpnMentor is pretty worthless in terms of quality most of the time anyway.

Appears so. Asuswrt is router firmware, not an app.

However, I'm inclined to suspect that a mobile app for managing one's router/network is inherently vulnerable for various reasons relating to the mobile OS and the mobile device and their usage scenarios, so I can believe any report of a compromise. Such apps are to be avoided, imo... just not necessary.

OE
 
Appears so. Asuswrt is router firmware, not an app.

However, I'm inclined to suspect that a mobile app for managing one's router/network is inherently vulnerable for various reasons relating to the mobile OS and the mobile device and their usage scenarios, so I can believe any report of a compromise. Such apps are to be avoided, imo... just not necessary.

OE
It’s odd that they claim to have found the vulnerability through broad use of port scanners. They are very unclear if they are stating the app or the firmware had the vulnerability, and if it’s related to the old issue of the app opening up WAN access. It feels quite clickbaity, but I wouldn’t be surprised either if it was a new vulnerability.
 
...unprecedented access...

In the meantime, uninstall AsusWRT and disconnect any device from your home network.

They also state that the issue was reported AND fixed on September 15th, yet they say later that people should uninstall Asuswrt (someone tell me how you're supposed to do that) until Asus fixes it... Uh...

Ok, credibility = zero...
 
Article looks like it was written by a 10 year old with the occasional buzzword in bold text to try give the article credibility. Can someone explain what the "AsusWRT database" is :rolleyes:

The author is also conveniently listed as;

Guy Fawkes
Anonymous Cybersecurity Experts

Anonymous experts who write for vpnMentor but keep their identity secret.

I'm not buying it :p
 
Article looks like it was written by a 10 year old with the occasional buzzword in bold text to try give the article credibility. Can someone explain what the "AsusWRT database" is :rolleyes:

The author is also conveniently listed as;



I'm not buying it :p
It sounds like someone is taking the pi5
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top