ASUS Routers with AiCloud Vulnerable to Auth Bypass Exploit

A recent security advisory from ASUS has warned of a critical authentication bypass vulnerability in certain router firmware series, which could allow unauthorized execution of functions on the device. The vulnerability, tracked as CVE-2025-2492 (CVSS v4 score: 9.2), impacts routers with AiCloud enabled and can be exploited by a remote, unauthenticated attacker sending a specially crafted request.

According to ASUS, an improper authentication control vulnerability exists in certain router firmware series, which can be triggered by a crafted request, potentially leading to unauthorized execution of functions. The company has released new firmware updates for affected models, including 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102 series.

ASUS is urging users to take immediate action to protect their devices and security settings. The company recommends regularly checking for firmware updates via the ASUS support page when available. Additionally, users should update their router's firmware as soon as possible to prevent potential exploitation of this vulnerability.

The advisory also emphasizes the importance of using strong, unique passwords (min. 10 characters, mix of letters, numbers, symbols) for both Wi-Fi and admin pages, and avoiding reusing passwords or using easy sequences like 1234567890. If users are unable to update their firmware quickly or their router is end-of-life, ASUS advises disabling AiCloud and any services that can be accessed from the internet.

It's worth noting that ASUS has not disclosed whether it is aware of any attacks in the wild that have exploited this vulnerability. However, with this new information, users are now more aware of the potential risks and can take necessary precautions to protect their devices.

To stay up-to-date on the latest security news and alerts, follow me on Twitter: @securityaffairs, Facebook, and Mastodon.