ASUS recently released a new firmware update for its routers and has urged owners to install it to fix several security vulnerabilities.
ASUS Router Security Update
The latest firmware update for ASUS routers has been released and ASUS urges users to install it as it fixes 9 different security vulnerabilities including CVE-2023-28702, CVE-2023-28703, CVE-2023-31195, CVE-2022-46871, CVE-2022-38105, CVE-2022-35401, CVE-2018-1160, CVE-2022-38393, CVE-2022-26376. Two of the most severe of these flaws, as pointed out by BleepingComputer, are CVE-2022-26376 and CVE-2018-1160. The 2022 flaw is a critical memory corruption weakness in the Asuswrt firmware which could allow hackers to trigger denial-of-services states. The 2018 flaw is an almost five-year-old bug which can be exploited to gain arbitrary code execution and is caused by an out-of-bounds write Netatalk weakness.
ASUS urges users to install this update but has advised those that choose not to install it to disable WAN services. The affected routers include: GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000, and TUF-AX5400.
