Asus Router Vulnerabilities and Updates

TapTechNews on June 17th reported that the CVE-2024-3080 vulnerability was officially announced on June 14th. There are authentication bypass vulnerabilities in seven Asus router products such as the RT-AX88U, allowing unauthorized remote attackers to log in to the device.

CVE-2024-3080

Update ZenWiFi XT8 to version 3.0.0.4.388_24621 (inclusive) or later.

Update ZenWiFi XT8 V2 to version 3.0.0.4.388_24621 (inclusive) or later.

Update RT-AX88U to version 3.0.0.4.388_24209 (inclusive) or later.

Update RT-AX58U to version 3.0.0.4.388_24762 (inclusive) or later.

Update RT-AX57 to version 3.0.0.4.386_52303 (inclusive) or later.

Update RT-AC86U to version 3.0.0.4.386_51925 (inclusive) or later.

Update RT-AC68U to version 3.0.0.4.386_51685 (inclusive) or later.

TapTechNews noted that Asus also fixed the arbitrary firmware upload vulnerability in the following older DSL routers.

CVE-2024-3912

Update to version 1.1.2.3_792 (inclusive) or later: DSL-N17U, DSL-N55U_C1, DSL-N55U_D1, DSL-N66U.

Update to version 1.1.2.3_807 (inclusive) or later: DSL-N12U_C1, DSL-N12U_D1, DSL-N14U, DSL-N14U_B1.

Update to version 1.1.2.3_999 (inclusive) or later: DSL-N16, DSL-AC51, DSL-AC750, DSL-AC52U, DSL-AC55U, DSL-AC56U.

No longer maintained and recommended to replace models: DSL-N10_C1, DSL-N10_D1, DSL-N10P_C1, DSL-N12E_C1, DSL-N16P, DSL-N16U, DSL-AC52, DSL-AC55.