Article Details
Scrape Timestamp (UTC): 2025-04-18 16:11:27.012
Original Article Text
Click to Toggle View
ASUS warns of critical auth bypass flaw in routers using AiCloud. ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device. The vulnerability, tracked under CVE-2025-2492 and rated critical (CVSS v4 score: 9.2), is remotely exploitable via a specially crafted request and requires no authentication, making it particularly dangerous. "An improper authentication control vulnerability exists in certain ASUS router firmware series," reads the vendor's bulletin. "This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions." AiCloud is a cloud-based remote access feature built into many ASUS routers, turning them into mini private cloud servers. It allows users to access files stored on USB drives connected to the router from anywhere over the internet, stream media remotely, sync files between home networks and other cloud storage services, and share files with others via links. The vulnerability discovered in AiCloud impacts a broad range of models, with ASUS releasing fixes for multiple firmware branches, including 3.0.0.4_382 series, 3.0.0.4_386 series, 3.0.0.4_388 series, and 3.0.0.6_102 series. Users are recommended to upgrade to the latest firmware version available for their model, which they can find on the vendor's support portal or the product finder page. Detailed instructions on how to apply firmware updates are available here. ASUS also advises users to use distinct passwords to secure their wireless network and router administration page, and make sure they're at least 10 characters long with a mix of letters, numbers, and symbols. Impacted users of end-of-life products are advised to disable AiCloud entirely and turn off internet access for WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP services. While there are no reports of active exploitation or a public proof-of-concept exploit for CVE-2025-2492, attackers commonly target these flaws to infect devices with malware or recruit them into DDoS swarms. Therefore, it is strongly advised that ASUS router users upgrade to the latest firmware as soon as possible.
Daily Brief Summary
ASUS has identified a critical authentication bypass flaw in routers with AiCloud, tracked as CVE-2025-2492 with a CVSS v4 score of 9.2.
The vulnerability allows remote attackers to execute unauthorized functions on the device without needing authentication.
AiCloud, a feature in ASUS routers, transforms these devices into private cloud servers, enabling remote file access, media streaming, and file syncing.
The security flaw affects a wide range of router models, and ASUS has released firmware updates for multiple series including 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102.
Users are urged to update their firmware through the ASUS support portal or product finder page to mitigate risks.
Additional security recommendations include using unique, complex passwords for wireless networks and router administration.
End-of-life products impacted by the flaw should disable AiCloud and related internet access services to enhance security.
No active exploitations or public exploits are reported yet, but the vulnerability could potentially be used for malware distribution or incorporating devices into DDoS attacks.