go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

ASUS Router - Improper Authentication

TVN ID TVN-202406003
CVE ID CVE-2024-3080
CVSS 9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products ZenWiFi XT8 version 3.0.0.4.388_24609 and earlier
ZenWiFi XT8 version V2 3.0.0.4.388_24609 and earlier
RT-AX88U version 3.0.0.4.388_24198 and earlier
RT-AX58U version 3.0.0.4.388_23925 and earlier
RT-AX57 version 3.0.0.4.386_52294 and earlier
RT-AC86U version 3.0.0.4.386_51915 and earlier
RT-AC68U version 3.0.0.4.386_51668 and earlier
Description Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device.
Solution Update ZenWiFi XT8 to version 3.0.0.4.388_24621 or later
Update ZenWiFi XT8 V2 to version 3.0.0.4.388_24621 or later
Update RT-AX88U to version 3.0.0.4.388_24209 or later
Update RT-AX58U to version 3.0.0.4.388_24762 or later
Update RT-AX57 to version 3.0.0.4.386_52303 or later
Update RT-AC86U to version 3.0.0.4.386_51925 or later
Update RT-AC68U to version 3.0.0.4.386_51685 or later
Credit Security personnel
Public Date 2024-06-14
Top