430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

ASUS fixed critical remote authentication bypass bug in several routers

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. The flaw is an authentication bypass issue that a remote attacker can exploit to log into the device without authentication. The flaw impacts […]

ASUS router models

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models.

ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models.

The flaw is an authentication bypass issue that a remote attacker can exploit to log into the device without authentication.

The flaw impacts the following models:

  • ZenWiFi XT8 3.0.0.4.388_24609 (inclusive) previous versions
  • ZenWiFi Version RT-AX57 3.0.0.4.386_52294 (inclusive) previous version
  • ZenWiFi Version RT-AC86U 3.0.0.4.386_51915 (inclusive) previous version
  • ZenWiFi Version RT-AC68U 3.0.0.4.386_51668 (inclusive) previous version

The company released the following firmware update to address the issue:

  • Update ZenWiFi XT8 to 3.0.0.4.388_24621 (inclusive) and later versions
  • Update ZenWiFi XT8 V2 to 3.0.0.4.388_24621 (inclusive) and later versions
  • Update RT-AX88U to 3.0.0.4.388_24209 (inclusive) and later versions
  • Update RT-AX58U to 3.0 .0.4.388_24762 (inclusive) and later versions
  • update RT-AX57 to 3.0.0.4.386_52303 (inclusive) and later versions
  • update RT-AC86U to 3.0.0.4.386_51925 (inclusive) and later versions
  • update RT-AC68U to 3.0.0.4.386_51685 ( (including) later versions

The vendor also addressed a critical upload arbitrary firmware flaw, tracked as CVE-2024-3912 (CVSS score 9.8) impacting multiple devices. An unauthenticated, remote attacker can exploit the flaw to execute system commands on the vulnerable device.

Carlos Köpke from PLASMALABS discovered the flaw. Impacted products are: DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, DSL-N66U, DSL-N14U, DSL-N14U_B1, DSL-N12U_C1, DSL-N12U_D1, DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL- AC55U, DSL-AC56U.

Some impacted models will not receive the firmware updates because they have reached the end-of-life (EoL).

The following versions address the flaw:

  • Update the following models to 1.1.2.3_792 (inclusive) and later versions:
    DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, DSL-N66U
  • Update the following models to 1.1.2.3_807 (inclusive) and later versions:
    DSL-N12U_C1, DSL -N12U_D1, DSL-N14U, DSL-N14U_B1
  • Update the following models to 1.1.2.3_999 (inclusive) and later versions:
    DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL-AC55U, DSL-AC56U
  • and following models No longer maintained, it is recommended to replace
    DSL-N10_C1, DSL-N10_D1, DSL-N10P_C1, DSL-N12E_C1, ,DSL-N16P, DSL-N16U, DSL-AC52, DSL-AC55.
    If it cannot be replaced in the short term, it is recommended to close it. Remote access (Web access from WAN), virtual server (Port forwarding), DDNS, VPN server, DMZ, port trigger

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, routers)