Improper Validation Vulnerability in ASUS Routers
CVE-2026-13385
9.5CRITICAL
What is CVE-2026-13385?
An improperly validated integrity check value and insufficient certificate validation in specific ASUS router models can be exploited by a remote attacker. This vulnerability allows an adversary to perform a man-in-the-middle (MITM) attack, leading the router to download and execute arbitrary commands from a compromised server. For further details and resolution steps, refer to the ASUS Security Advisory.
Affected Version(s)
Router 3.0.0.4_386 series
Router 3.0.0.4_388 series
Router 3.0.0.6_102 series