ASUS Router Authentication Bypass Vulnerability Allows Unauthorized Access

CVE-2024-3080

9.8CRITICAL

Key Information

Vendor
Asus
Status
Zenwifi Xt8
Zenwifi Xt8 V2
Rt-ax88u
Rt-ax58u
Vendor
CVE Published:
14 June 2024

Badges

πŸ“° News Worthy

Summary

The ASUS Router Authentication Bypass Vulnerability, tracked as CVE-2024-3080, affects several popular ASUS router models, allowing unauthenticated remote attackers to gain access to the device's configuration. ASUS has issued security updates to address this critical flaw, with a CVSS score of 9.8, urging users to promptly apply the patches. The affected models include ZenWiFi XT8, RT-AX88U, RT-AX58U, RT-AX57, RT-AC86U, and RT-AC68U. Failure to update the firmware could lead to remote exploitation and unauthorized access, highlighting the urgency for users to take action and apply the necessary security measures.

Affected Version(s)

ZenWiFi XT8 <= 3.0.0.4.388_24609

ZenWiFi XT8 V2 <= 3.0.0.4.388_24609

RT-AX88U <= 3.0.0.4.388_24198

News Articles

favicon imageThe Hacker News

ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

ASUS releases crucial updates for multiple router models to address critical authentication bypass and buffer overflow vulnerabilities. Users urged to

6 months ago

References

https://www.twcert.org.tw/tw/cp-132-7859-0e104-1.html
third-party-advisory
https://www.twcert.org.tw/en/cp-139-7860-760b1-2.html
third-party-advisory

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ“°

    First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database1 News Article(s)
.