ASUS fixed critical remote authentication bypass bug in several routers

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models.

ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models.

The flaw is an authentication bypass issue that a remote attacker can exploit to log into the device without authentication.

The flaw impacts the following models:

  • ZenWiFi XT8 3.0.0.4.388_24609 (inclusive) previous versions
  • ZenWiFi Version RT-AX57 3.0.0.4.386_52294 (inclusive) previous version
  • ZenWiFi Version RT-AC86U 3.0.0.4.386_51915 (inclusive) previous version
  • ZenWiFi Version RT-AC68U 3.0.0.4.386_51668 (inclusive) previous version

The company released the following firmware update to address the issue:

  • Update ZenWiFi XT8 to 3.0.0.4.388_24621 (inclusive) and later versions
  • Update ZenWiFi XT8 V2 to 3.0.0.4.388_24621 (inclusive) and later versions
  • Update RT-AX88U to 3.0.0.4.388_24209 (inclusive) and later versions
  • Update RT-AX58U to 3.0 .0.4.388_24762 (inclusive) and later versions
  • update RT-AX57 to 3.0.0.4.386_52303 (inclusive) and later versions
  • update RT-AC86U to 3.0.0.4.386_51925 (inclusive) and later versions
  • update RT-AC68U to 3.0.0.4.386_51685 ( (including) later versions

The vendor also addressed a critical upload arbitrary firmware flaw, tracked as CVE-2024-3912 (CVSS score 9.8) impacting multiple devices. An unauthenticated, remote attacker can exploit the flaw to execute system commands on the vulnerable device.

Carlos Köpke from PLASMALABS discovered the flaw. Impacted products are: DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, DSL-N66U, DSL-N14U, DSL-N14U_B1, DSL-N12U_C1, DSL-N12U_D1, DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL- AC55U, DSL-AC56U.

Some impacted models will not receive the firmware updates because they have reached the end-of-life (EoL).

The following versions address the flaw:

  • Update the following models to 1.1.2.3_792 (inclusive) and later versions:
    DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, DSL-N66U
  • Update the following models to 1.1.2.3_807 (inclusive) and later versions:
    DSL-N12U_C1, DSL -N12U_D1, DSL-N14U, DSL-N14U_B1
  • Update the following models to 1.1.2.3_999 (inclusive) and later versions:
    DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL-AC55U, DSL-AC56U
  • and following models No longer maintained, it is recommended to replace
    DSL-N10_C1, DSL-N10_D1, DSL-N10P_C1, DSL-N12E_C1, ,DSL-N16P, DSL-N16U, DSL-AC52, DSL-AC55.
    If it cannot be replaced in the short term, it is recommended to close it. Remote access (Web access from WAN), virtual server (Port forwarding), DDNS, VPN server, DMZ, port trigger

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, routers)