U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Hacking

ASUS Routers setting could expose users data on Internet

A default setting in Asus Routers allows an attacker to remotely access data archived on a USB media storage connected to the devices. Swedish users reported an alleged vulnerability in Asus Routers that allows an attacker to remotely access data archived on a USB media storage directly connected to the devices. Asus and many routers […]

ASUS Routers setting could expose users data on Internet

A default setting in Asus Routers allows an attacker to remotely access data archived on a USB media storage connected to the devices.

Swedish users reported an alleged vulnerability in Asus Routers that allows an attacker to remotely access data archived on a USB media storage directly connected to the devices.

Asus and many routers manufacturers offer the possibility to directly connect USB removable media to store and retrieved data within the computer network.

The data stored on a USB hard disk could be shared between computers on the same network or could be available on the Internet and accessible through the FTP protocol. Many Asus devices implement the AiDisk utility to enable the FTP server function, the feature is easily configurable from the administrator panel of the router.
ASUS Routers admin panel

The list of ASUS Routers which implement this feature included the following models:

  • RT-N66U
  • RT-N56U
  • RT-N15U
  • RT-N65U
  • RT-AC66U
  • DSL-N55U
  • RT-N16

Is it a vulnerability, or is it a feature implemented to allow the publication of user’s data on an FTP server?

The real problem is that enabling the AiDisk utility the device is configured to share data publicly on Internet, its default configuration gives complete control of the files on the storage.

The colleagues at THN demonstrated how it is possible to use SHODAN search engine to find ASUS routers poorly configured, thousand of Storage Disk using Asus Routers with no password or having default settings.

The access to the data present on the devices is quite easy, use the ftp protocol and the IP address retrieved from Shodan i.e. ftp://ipaddress/.

http://www.shodanhq.com/search?q=+RT-N66U

 

ASUS Routers device with SHODAN

or

ASUS Routers device with SHODAN 2

The risky feature was reported to ASUS that intends to release an update, informing users to choose a strong password for device storage and Router Administrative panel.

Pierluigi Paganini

(Security Affairs –  Asus Routers, hacking)