ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that might enable distant attackers to carry out unauthorized execution of capabilities on the system.
The vulnerability, tracked underneath CVE-2025-2492 and rated important (CVSS v4 rating: 9.2), is remotely exploitable through a specifically crafted request and requires no authentication, making it significantly harmful.
“An improper authentication management vulnerability exists in sure ASUS router firmware sequence,” reads the seller’s bulletin.
“This vulnerability may be triggered by a crafted request, probably resulting in unauthorized execution of capabilities.”
AiCloud is a cloud-based distant entry function constructed into many ASUS routers, turning them into mini personal cloud servers.
It permits customers to entry recordsdata saved on USB drives related to the router from anyplace over the web, stream media remotely, sync recordsdata between residence networks and different cloud storage providers, and share recordsdata with others through hyperlinks.
The vulnerability found in AiCloud impacts a broad vary of fashions, with ASUS releasing fixes for a number of firmware branches, together with 3.0.0.4_382 sequence, 3.0.0.4_386 sequence, 3.0.0.4_388 sequence, and three.0.0.6_102 sequence.
Customers are really helpful to improve to the most recent firmware model obtainable for his or her mannequin, which they’ll discover on the seller’s assist portal or the product finder web page. Detailed directions on the right way to apply firmware updates can be found right here.
ASUS additionally advises customers to make use of distinct passwords to safe their wi-fi community and router administration web page, and ensure they’re no less than 10 characters lengthy with a mixture of letters, numbers, and symbols.
Impacted customers of end-of-life merchandise are suggested to disable AiCloud completely and switch off web entry for WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP providers.
Whereas there are not any reviews of lively exploitation or a public proof-of-concept exploit for CVE-2025-2492, attackers generally goal these flaws to contaminate gadgets with malware or recruit them into DDoS swarms.
Due to this fact, it’s strongly suggested that ASUS router customers improve to the most recent firmware as quickly as potential.
