19 Asus Routers Need Their Firmware Updated Immediately

Asus released a critical firmware update for 19 of its wireless routers that fixes nine serious security flaws as well as 17 other vulnerabilities.

As Bleeping Computer reports(Opens in a new window), this is a firmware update owners of Asus routers shouldn’t ignore. Of the nine security flaws it fixes, at least two are critical bugs that could allow an attacker to execute code or trigger a DDoS attack.

The full list of security fixes(Opens in a new window) contained in this firmware update are:

  • Fixed CVE-2023-28702, CVE-2023-28703, CVE-2023-31195, CVE-2022-46871, CVE-2022-38105, CVE-2022-35401, CVE-2018-1160, CVE-2022-38393, CVE-2022-26376

  • Fixed DoS vulnerabilities in firewall configuration pages.

  • Fixed DoS vulnerabilities in httpd.

  • Fixed information disclosure vulnerability.

  • Fixed null pointer dereference vulnerabilities.

  • Fixed the cfg server vulnerability.

  • Fixed the vulnerability in the log message function.

  • Fixed Client DOM Stored XSS

  • Fixed HTTP response splitting vulnerability

  • Fixed status page HTML vulnerability.

  • Fixed HTTP response splitting vulnerability.

  • Fixed Samba related vulnerabilities.

  • Fixed Open redirect vulnerability.

  • Fixed token authentication security issues.

  • Fixed security issues on the status page.

  • Enabled and supported ECDSA certificates for Let’s Encrypt.

  • Enhanced protection for credentials.

  • Enhanced protection for OTA firmware updates.

The vulnerable routers requiring the update include the GT6(Opens in a new window), GT-AXE16000(Opens in a new window), GT-AX11000 PRO(Opens in a new window), GT-AXE11000(Opens in a new window), GT-AX6000(Opens in a new window), GT-AX11000(Opens in a new window), GS-AX5400(Opens in a new window), GS-AX3000(Opens in a new window), ZenWiFi XT9(Opens in a new window), ZenWiFi XT8(Opens in a new window), ZenWiFi XT8 V2(Opens in a new window), RT-AX86U PRO(Opens in a new window), RT-AX86U(Opens in a new window), RT-AX86S(Opens in a new window), RT-AX82U(Opens in a new window), RT-AX58U(Opens in a new window), RT-AX3000(Opens in a new window), TUF-AX6000(Opens in a new window), and TUF-AX5400(Opens in a new window).

If you own a router on that list, simply click on its model name above and you’ll be taken to its product page where a link to the latest firmware download is available. Need help installing the firmware? Asus has a helpful FAQ(Opens in a new window) to guide you through the process.

Recommended by Our Editors

Asus also recommends creating separate passwords for your wireless network and router-administration page, and if you router supports it, enable Asus AiProtection (details available in your router’s user manual).

If you opt not to install this critical firmware update, Asus strongly recommends, “disabling services accessible from the WAN side to avoid potential unwanted intrusions. These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger.” It’s much easier to install the firmware update and close the security holes.

PCMag Logo Readers’ Choice 2022: Wireless Routers & Network Attached Storage Devices
What’s New Now to get our top stories delivered to your inbox every morning.”,”first_published_at”:”2021-09-30T21:30:40.000000Z”,”published_at”:”2022-08-31T18:35:24.000000Z”,”last_published_at”:”2022-08-31T18:35:20.000000Z”,”created_at”:null,”updated_at”:”2022-08-31T18:35:24.000000Z”})” x-show=”showEmailSignUp()” class=”rounded bg-gray-lightest text-center md:px-32 md:py-8 p-4 mt-8 container-xs” readability=”30.769230769231″>

Get Our Best Stories!

Sign up for What’s New Now to get our top stories delivered to your inbox every morning.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

Facebook Comments Box

Hits: 0