The Computer Emergency Response Team (CERT) from Taiwan warns of three dangerous vulnerabilities in three Asus routers. Security updates are available for download.
Malicious code vulnerabilities
Specifically, the models RT-AC86U, RT-AX55 and RT-AX56U_V2 are at risk. Attackers should be able to attack all three gaps remotely without authentication. Since user input is not sufficiently checked, attackers can target the admin API of vulnerable devices with crafted requests.
The vulnerabilities (CVE-2023-39238, CVE-2023-39239, CVE-2023-39240) are all classified as critical. It is not yet known whether there have already been attacks. Due to the severity, it can be assumed that attackers will be able to completely compromise the devices after successful attacks.
Asus claims to have resolved the security issues in the following firmware versions:
To the home page
#Security #updates #Attackers #gain #control #Asus #routers