News

Critical security vulnerabilities in Asus and Huawei routers: Firmware updates strongly recommended

Photo of Simon Lüthje Simon Lüthje21. June 2023
Bild: Asus ROG

Asus and Huawei, two well-known manufacturers of network devices, have recently pointed out critical security vulnerabilities in some of their router models. Both companies have released firmware updates to address these vulnerabilities. Users of these devices are urged to update their firmware as soon as possible.

Asus routers: numerous models affected

According to a report from Bleeping Computer, 19 router models from Asus are affected by the vulnerabilities. The CVE-2022-26376 and CVE-2018-1160 vulnerabilities are particularly highlighted as being critical. The first could allow an attacker to cause memory corruption through a specially crafted HTTP request. The second vulnerability, which has been known for some time, affects the Netatalk file server and could allow attackers to execute arbitrary code.

Asus has pointed out this and other vulnerabilities in a security advisory and provided new firmware to fix them. The list of gaps closed and bugs fixed with the cumulative updates is extensive and includes DoS vulnerabilities, information disclosure vulnerabilities and token authentication security issues, among others.

If for some reason users cannot or do not want to install the firmware updates, Asus recommends disabling the services accessible via WAN. These include WAN remote access, port forwarding, DDNS, VPN servers, DMZ and port triggers.

Affected Asus routers Firmware download
GT6 link
GT-AXE16000 Link
GT-AXE11000 PRO Link
GT-AXE11000 Link
GT-AX6000 Link
GT-AX11000 Link
GS-AX5400 Link
GS-AX3000 Link
ZenWiFi XT9 Link
ZenWiFi XT8 Link
ZenWiFi XT8_V2 Link
RT-AX86U PRO Link
RT-AX86U Link
RT-AX86S Link
RT-AX82U Link
RT-AX58U Link
RT-AX3000 Link
TUF-AX6000 Link
TUF-AX5400 Link

Huawei router: one model affected

The CVE-2022-48469 vulnerability, which has been known since May and allows an attacker to hijack data packets in transit (traffic hijacking), affects only the B535-232a router model at Huawei. To address this vulnerability, Huawei has released an updated firmware version 2.0.0.1(H318SP6C983) for this specific model. According to a security announcement from the company, the update will be automatically applied to the affected devices.

Conclusion

The security of network devices is critical, as they are often the gateway to our digital lives. Users of Asus and Huawei routers should install the provided firmware updates as soon as possible to protect their devices from potential attacks. It is also always advisable to check for and install updates regularly to ensure device security.

Tags
Photo of Simon Lüthje Simon Lüthje21. June 2023
Photo of Simon Lüthje

Simon Lüthje

I am co-founder of this blog and am very interested in everything that has to do with technology, but I also like to play games. I was born in Hamburg, but now I live in Bad Segeberg.

Related Articles

FRITZ!Box 6850 5G All-in-One-Router unveiled at IFA 2019

7. September 2019

ASUS ZenBook S (UX393) light and strong at the same time

9. December 2020

ASUS ROG Strix Helios – The colossus from ROG in review

16. March 2021
ASUS Dual Radeon RX 7900 XTX OC Edition

ASUS launches compact AMD Radeon RX 7900 XT(X) with only 2 fans

3. May 2024

No replies yet

Beginne die Diskussion →

Neue Antworten laden...

Avatar of Basic Tutorials
Basic Tutorials

Gehört zum Inventar

11,435 Beiträge 2,742 Likes
Angeheftet Jun 21, 2023

Asus and Huawei, two well-known manufacturers of network devices, have recently pointed out critical security vulnerabilities in some of their router models. Both companies have released firmware updates to address these vulnerabilities. Users of these devices are urged to update their firmware as soon as possible. Asus routers: numerous models affected According to a report … (Weiterlesen...)

Antworten Like

Beteilige dich an der Diskussion in der Basic Tutorials Community →

Back to top button