Critical Vulnerability Discovered in ASUS AiCloud Routers

ASUS, one of the world’s leading technology companies, has announced the discovery of a highly critical vulnerability in its routers with the AiCloud feature enabled. Identified as CVE-2025-2492, this vulnerability allows attackers to gain unauthorized access to the device and remotely execute arbitrary functions. Rated at 9.2 out of 10 on the CVSS (Common Vulnerability Scoring System), this flaw underscores its severe impact and urgency.

According to ASUS’s official statement, the issue stems from an insufficiently robust authentication mechanism. Specifically, a specially crafted malicious request can exploit this vulnerability to gain control over the device. This poses a significant risk, particularly for routers with the AiCloud feature activated.

Affected Versions

ASUS has released firmware updates to address this vulnerability in the following versions:

  • 3.0.0.4_382
  • 3.0.0.4_386
  • 3.0.0.4_388
  • 3.0.0.6_102

The company strongly urges all users to update their router firmware to one of these patched versions as soon as possible.

Additional Security Recommendations

ASUS has provided guidance not only to address this vulnerability but also to enhance overall cybersecurity practices:

  • Use strong and unique passwords for your Wi-Fi network and router admin panel.
  • Ensure each password is at least 10 characters long, incorporating a mix of uppercase letters, numbers, and special characters.
  • Avoid simple or sequential passwords such as “1234567890,” “abcdefg,” or “qwertyuiop.”
  • Use distinct passwords for each service or device—reusing the same password across multiple platforms is a significant security risk.

Contingency Measures

If your device cannot receive the update or if your router has reached its End-of-Life (EoL) and is no longer supported by the manufacturer, ASUS recommends the following steps:

  • Disable the AiCloud feature.
  • Turn off services accessible via the internet, such as remote WAN access, port forwarding, DDNS, VPN server, DMZ, FTP, and others.
  • Set strong passwords for both the router and Wi-Fi network.

The Importance of Router Security

Routers are critical components in securing home and office networks in today’s connected world. Devices integrated with cloud services like AiCloud, which are constantly connected to the internet, face heightened risks. As such, any identified vulnerability must be addressed promptly with decisive action. ASUS’s swift response and clear instructions to users exemplify a responsible approach to cybersecurity.

🔒 If you are using an ASUS router, check for firmware updates immediately and take the necessary steps to secure your device. Your network’s safety is in your hands.