/>
X

Most Asus routers affected by hijack bug; exploit posted

An unpatched router can be hijacked, if the attacker is on the same network.
zack-whittaker-hs2016-rtsquare-1.jpg
Written by Zack Whittaker, Writer-editor on
asus-hero.jpg
Many models of Asus' router line-up are affected
(Image: CNET)

Several models of Asus' routers are vulnerable to an attack that leaves little for non-technical users to protect themselves until a fix is issued.

Security researcher Joshua Drake published an advisory warning that "all known firmware versions for applicable routers (RT-AC66U, RT-N66U, etc.) are assumed vulnerable."

The bug allows an attacker on the same network to take full administrative control of the router without the need for a password. The only known fix is to disable the troublesome infosvr service by killing the process when the affected device boots. That has to be performed each time the device restarts.

A working exploit was also published alongside the advisory.

While it may not be a major issue for those on private networks at home, those in offices or on public Wi-Fi are most at risk.

We've reached out to Asus but did not hear back at the time of writing.

Related

Delta Air Lines just made an embarrassing announcement (you may be livid)
screen-shot-2022-06-22-at-3-50-54-pm.png

Delta Air Lines just made an embarrassing announcement (you may be livid)

Business
This stuff is better than compressed air for cleaning your dirty tech
img-6864

This stuff is better than compressed air for cleaning your dirty tech

Office Hardware & Appliances
Linus Torvalds is cautiously optimistic about bringing Rust into Linux kernel's next release
rusty gears

Linus Torvalds is cautiously optimistic about bringing Rust into Linux kernel's next release

Enterprise Software