ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that would permit distant attackers to carry out unauthorized execution of features on the gadget.
The vulnerability, tracked underneath CVE-2025-2492 and rated essential (CVSS v4 rating: 9.2), is remotely exploitable by way of a specifically crafted request and requires no authentication, making it notably harmful.
“An improper authentication management vulnerability exists in sure ASUS router firmware collection,” reads the seller’s bulletin.
“This vulnerability might be triggered by a crafted request, probably resulting in unauthorized execution of features.”
AiCloud is a cloud-based distant entry function constructed into many ASUS routers, turning them into mini non-public cloud servers.
It permits customers to entry recordsdata saved on USB drives linked to the router from anyplace over the web, stream media remotely, sync recordsdata between house networks and different cloud storage companies, and share recordsdata with others by way of hyperlinks.
The vulnerability found in AiCloud impacts a broad vary of fashions, with ASUS releasing fixes for a number of firmware branches, together with 3.0.0.4_382 collection, 3.0.0.4_386 collection, 3.0.0.4_388 collection, and three.0.0.6_102 collection.
Customers are advisable to improve to the newest firmware model out there for his or her mannequin, which they’ll discover on the seller’s help portal or the product finder web page. Detailed directions on how you can apply firmware updates are out there right here.
ASUS additionally advises customers to make use of distinct passwords to safe their wi-fi community and router administration web page, and ensure they’re a minimum of 10 characters lengthy with a mixture of letters, numbers, and symbols.
Impacted customers of end-of-life merchandise are suggested to disable AiCloud solely and switch off web entry for WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP companies.
Whereas there are not any studies of energetic exploitation or a public proof-of-concept exploit for CVE-2025-2492, attackers generally goal these flaws to contaminate units with malware or recruit them into DDoS swarms.
Subsequently, it’s strongly suggested that ASUS router customers improve to the newest firmware as quickly as potential.
