Authentication Bypass in ASUS Router IFTTT Integration Feature
CVE-2025-59371

7.5HIGH

Key Information:

Vendor

Asus
Status
Router
Vendor
CVE Published:
25 November 2025

What is CVE-2025-59371?

An authentication bypass vulnerability has been discovered in the IFTTT integration feature of ASUS routers. This flaw enables remote, authenticated attackers to exploit the vulnerability, potentially allowing unauthorized access to the device. It is important to note that this issue does not affect models from the Wi-Fi 7 series. Users are advised to consult the ASUS Security Advisory for detailed information and potential remediation steps.

Affected Version(s)

Router 3.0.0.4_386

Router 3.0.0.4_388

Router 3.0.0.6_102

References

https://www.asus.com/security-advisory/
vendor-advisory

CVSS V4

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-59371 : Authentication Bypass in ASUS Router IFTTT Integration Feature