These Experts Are Racing to Protect AI From Hackers. Time is Running Out
Motorola's handy Bluetooth device adds satellite messaging
Linux 6.2: The first mainstream Linux kernel for Apple M1 chips arrives
Sony's new headphones adopt WH-1000XM5 technology at a great price
The perfectly pointless $197 gadget that some people will love

ZDNET Recommends
Testing RFID blocking cards: Do they work? Do you need one?
This almost-great Raspberry Pi alternative is missing one key feature
This $75 dock turns your Mac Mini into a Mac Studio (sort of)
Samsung's Galaxy S23 Plus is the Goldilocks of Smartphones

Mobile World Congress 2023
Best massage chairs
Best iRobot vacuums
Best headphones for sleeping
Best smart treadmills

Gaming
Headphones
Laptops
Mobile Accessories
Networking
PCs

Printers
Smartphones
Smart Watches
Speakers
Streaming Devices
Streaming Services

Tablets
TVs
Wearables

Kitchen & Household
Office Furniture
Office Hardware & Appliances
Smart Home
Smart Lighting
Yard & Outdoors

Artificial Intelligence
AR + VR
Cloud
Digital Transformation
Energy

Robotics
Sustainability
Transportation
Work Life

Accelerate your tech game Paid Content
How the New Space Race Will Drive Innovation
How the metaverse will change the future of work and society

Managing the Multicloud
The Future of the Internet
The New Rules of Work
The Tech Trends to Watch in 2023

See all Business
Amazon
Apple
Developer
E-Commerce

Edge Computing
Enterprise Software
Executive
Google
Microsoft

Professional Development
Social Media
SMB
Windows

Digital transformation: Trends and insights for success
Software development: Emerging trends and changing roles

See all Security
Cyber Threats
Password Manager
Ransomware
VPN

Cybersecurity: Let's get tactical
Securing the Cloud

Deals
How-to
Product Comparisons
Product Spotlights
Reviews

See all Buying Guides
Best all-in-one computers
Best budget TVs
Best gaming CPUs
Best gaming laptops
Best gaming PCs

Best headphones
Best iPads
Best iPhones
Best laptops
Best large tablets
Best OLED TVs

Best robot vacuum mops
Best rugged tablets
Best Samsung phones
Best smart rings
Best smartphones
Best smartwatches

Best speakers
Best tablets
Best travel VPNs
Best TVs
Best VPNs

tomorrow belongs to those who embrace it today

Asia
Australia
Europe
India
United Kingdom
United States

ZDNET France
ZDNET Germany
ZDNET Korea
ZDNET Japan

Most Asus routers affected by hijack bug; exploit posted

An unpatched router can be hijacked, if the attacker is on the same network.

Written by Zack Whittaker, Contributor on Jan. 9, 2015

Many models of Asus' router line-up are affected
(Image: CNET)

Several models of Asus' routers are vulnerable to an attack that leaves little for non-technical users to protect themselves until a fix is issued.

Featured

8 cool ways to use LiDAR on your iPhone and iPad
How to make ChatGPT provide sources and citations
The best laptops for every type of person and budget
These experts are racing to protect AI from hackers. Time is running out

Security researcher Joshua Drake published an advisory warning that "all known firmware versions for applicable routers (RT-AC66U, RT-N66U, etc.) are assumed vulnerable."

The bug allows an attacker on the same network to take full administrative control of the router without the need for a password. The only known fix is to disable the troublesome infosvr service by killing the process when the affected device boots. That has to be performed each time the device restarts.

A working exploit was also published alongside the advisory.

While it may not be a major issue for those on private networks at home, those in offices or on public Wi-Fi are most at risk.

We've reached out to Asus but did not hear back at the time of writing.

Editorial standards

Show Comments

Most Asus routers affected by hijack bug; exploit posted

Featured

Related

The best Wi-Fi routers you can buy

CISA: Do these three things to toughen up your network against hackers

Modem vs router: What's the difference?