Summary: ASUS has issued a warning regarding a critical authentication bypass vulnerability (CVE-2025-2492) in routers with AiCloud enabled, which allows remote attackers to execute unauthorized functions on the device. This vulnerability is rated 9.2 on the CVSS v4 scale and can be exploited without authentication using a specially crafted request. Users are advised to update their firmware and secure their networks to mitigate potential risks.
Affected: ASUS routers with AiCloud enabled
Keypoints :
- A critical vulnerability (CVE-2025-2492) allows remote execution of functions without authentication.
- ASUS has released firmware updates for various router models and advises users to upgrade immediately.
- Recommendations include using strong passwords and disabling AiCloud for end-of-life products to enhance security.