Cyber security center warns about vulnerabilities in Asus routers after denial-of-service attack

The Cyber Security Center warns about incorrectly connected routers, which can expose devices to harmful internet traffic. In early October, a significant denial-of-service attack was detected, targeting a large number of Asus routers due to a vulnerability that allowed attackers access to these devices.

The affected Asus router models include:
– ZenWiFi XT8 version 3.0.0.4.388_24609 and earlier
– ZenWiFi XT8 version V2 3.0.0.4.388_24609 and earlier
– RT-AX88U version 3.0.0.4.388_24198 and earlier
– RT-AX58U version 3.0.0.4.388_23925 and earlier
– RT-AX57 version 3.0.0.4.386_52294 and earlier
– RT-AC86U version 3.0.0.4.386_51915 and earlier
– RT-AC68U version 3.0.0.4.386_51668 and earlier

The Cyber Security Center advises keeping router security up to date and ensuring that cables are connected correctly. Many routers have similarly shaped WAN and LAN ports. Only the WAN port should connect to the internet service cable, while LAN ports are used for devices like computers and printers within a home network.

Users must not connect the internet cable to a LAN port, as this bypasses the router’s security protections, exposing devices directly to harmful internet traffic. The Security Police has highlighted that unsecured routers could even be exploited for foreign espionage.

To secure home routers, users should change the default password, disable remote management, and enable automatic updates to address security vulnerabilities.