Post

Critical Authentication Bypass Vulnerability in ASUS Routers with AiCloud

Posted
By Tom Grant
2 min read
Critical Authentication Bypass Vulnerability in ASUS Routers with AiCloud

TL;DR

ASUS has issued a warning about a critical authentication bypass vulnerability (CVE-2025-2492) affecting routers with AiCloud enabled. This flaw allows remote attackers to execute unauthorized functions on the device. Users are urged to update their firmware and follow security best practices to mitigate risks.

ASUS Routers with AiCloud Vulnerable to Authentication Bypass Exploit

ASUS has alerted users to a severe authentication bypass vulnerability, identified as CVE-2025-2492 with a CVSS v4 score of 9.2. This vulnerability impacts routers with the AiCloud feature enabled, allowing remote attackers to perform unauthorized functions on the device by sending specially crafted requests.

Details of the Vulnerability

The vulnerability stems from improper authentication controls in certain ASUS router firmware series. Exploiting this flaw can lead to unauthorized execution of functions on the affected device. ASUS has released new firmware updates for the following series: 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102.

“An improper authentication control vulnerability exists in certain ASUS router firmware series. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions.” 1

ASUS strongly advises users to take the following steps to protect their devices:

  • Regularly Check Devices and Security Settings: Ensure that your router’s firmware is up-to-date. You can update the firmware via the ASUS support page.
  • Use Strong, Unique Passwords: Implement strong passwords (minimum 10 characters, mix of letters, numbers, and symbols) for both Wi-Fi and admin pages. Avoid reusing passwords or using simple sequences like 1234567890.
  • Disable Unnecessary Services: If you cannot update the firmware immediately or if the router is end-of-life, disable AiCloud and any services that can be accessed from the internet, such as remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP.

Security Advisory

ASUS has not confirmed any active exploits of this vulnerability in the wild. However, users are urged to follow the recommended security measures to prevent potential attacks.

“If you are unable to update the firmware quickly or the router is end-of-life, please ensure that both your login and WiFi passwords are strong. It is recommended to (1) Disable AiCloud (2) disable any services that can be accessed from the internet, such as remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP.” 2

Conclusion

The authentication bypass vulnerability in ASUS routers with AiCloud enabled poses a significant security risk. Users should prioritize updating their firmware and implementing the recommended security measures to safeguard their devices from potential exploits. Staying informed and proactive is crucial in maintaining cybersecurity.

References

  1. ASUS Product Security Advisory (2025). “ASUS Product Security Advisory”. ASUS. Retrieved 2025-04-18. ↩︎

  2. ASUS Product Security Advisory (2025). “ASUS Product Security Advisory”. ASUS. Retrieved 2025-04-18. ↩︎

Cybersecurity & Data Protection, Vulnerabilities
cybersecurity threat-intelligence asus
This post is licensed under CC BY 4.0 by the author.