ASUS has released a patch for a critical-severity vulnerability, tracked as CVE-2025-2492, affecting certain routers with AiCloud enabled. This flaw, rated 9.2/10, allows threat actors to execute functions on exposed devices remotely and without authorization via a custom-tailored request.
AiCloud is a feature integrated into many ASUS routers, transforming the home network into a personal cloud server. Users can access, stream, sync, and share files stored on USB drives connected to the router from anywhere with an internet connection. The vulnerability was found in firmware versions released after February 2025, specifically 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102.
The flaw affects devices that are still supported, and users can download the necessary firmware updates directly from the ASUS website. For devices that have reached end-of-life, ASUS advises users to disable AiCloud entirely. Additionally, users should disable internet access for WAN, as well as port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP services to safeguard their devices.
To further secure their routers, ASUS recommends using unique, strong passwords for wireless networks and router administration pages. This includes making passwords at least 10 characters long and ensuring they are a mix of lowercase and uppercase letters, numbers, and special symbols. Although there is no evidence that the flaw is being actively exploited, the critical CVSS rating implies that exploitation could have a significant impact.
At the time of publication, the vulnerability was not listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog; inclusion there is often an indicator of active exploitation. Users are advised to apply the patch promptly to prevent potential unauthorized access to their devices.