Focus on source code security and collect the latest information at home and abroad!
Compiled by: Code Guard
ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers are affected by three critical remote code execution (RCE) vulnerabilities that can lead to device hijacking if security updates are not installed.
These three wireless routers are popular high-end routers in the consumer network market and are favored by gamers and users with high performance requirements. These three vulnerabilities all have a CVSS v3.1 score of 9.8. They are format string vulnerabilities that can be exploited remotely without any authentication and can lead to remote code execution, service terminals, and arbitrary operations on the device.
Format string vulnerabilities originate from unvalidated and/or unsanitized user input in format string parameters in certain functions, which can lead to a variety of issues such as information disclosure and code execution. An attacker could exploit these vulnerabilities via specially crafted input sent to a vulnerable device. An attacker can attack certain administrator API functions on ASUS devices.
Vulnerability brief description
The three vulnerabilities are as follows:
CVE-2023-39238: Lack of proper validation of input format strings on the iperf-related API module "ser_iperf3_svr.cgi".
CVE-2023-39239: Lack of proper validation of input format strings in the API of the Common Settings feature.
CVE-2023-39240: Lack of proper validation of input format strings on the iperf-related API module "set_ipertf3_cli.cgi".
The above vulnerabilities affect ASUS RT-AX55, RT-AX56U_V2 and RT-AC86U in firmware versions 3.0.0.4.386_50460, 3.0.0.4.386_50460 and 3.0.0.4.386_51529 respectively. The recommended solution is to apply the following firmware update:
RT-AX55: 3.0.0.4.386_51948 or later version
RT-AX56U_V2: 3.0.0.4.386_51948 or later version
RT-AC86U: 3.0.0.4.386_51915 or later version
ASUS released patches for the RT-AX55 earlier in August this year, for the AX56U_V2 in May and for the RT-AC86U at the end of July. Users who have not yet applied the security update should do so as soon as possible. In addition, since many consumer router flaws are related to the web management console, it is strongly recommended to turn off the remote management (WAN Web Access) feature and prevent access from the Internet.
Code Guard trial address: https://codesafe.qianxin.com
Open source guard trial address: https://oss.qianxin.com
Recommended reading
ASUS urgently fixes multiple critical router vulnerabilities
ASUS fixes UEFI vulnerability that could disable Secure Boot
ASUS: Beware of Cyclops Blink malware attacking routers
ASUS admits that Live Update Utility has been exploited by APT groups and releases patches
Original link
https://www.bleepingcomputer.com/news/security/asus-routers-vulnerable-to-critical-remote-code-execution-flaws/
Title image: Pixabay License
This article was compiled by Qi Anxin and does not represent the views of Qi Anxin. Please indicate "Reprinted from Qianxin Code Guard https://codesafe.qianxin.com" when reprinting.
Qi Anxin code guard (codesafe)
The first domestic product line focusing on software development security.
If you think it’s good, just click “Looking” or “Like”~