Critical authentication bypass flaw reported in ASUS Routers with AiCloud

ASUS has issued a warning about a critical authentication bypass vulnerability affecting routers with the AiCloud feature enabled. This security flaw could allow remote attackers to perform unauthorized execution of functions on affected devices without requiring authentication.

AiCloud is a cloud-based remote access feature built into many ASUS routers that transforms them into mini private cloud servers. It provides users with the ability to access files stored on USB drives connected to the router from anywhere over the internet, stream media remotely, sync files between home networks and other cloud storage services and share files with others via links

The vulnerability is tracked as CVE-2025-2492 (CVSS score 9.2) - An improper authentication control vulnerability that can be triggered by a specially crafted request, potentially leading to unauthorized execution of functions on the router. The flaw doesn't require authentication, is remotely exploitable and affects a wide range of ASUS router models

The vulnerability impacts multiple firmware branches, including:

• 3.0.0.4_382 series
• 3.0.0.4_386 series
• 3.0.0.4_388 series
• 3.0.0.6_102 series

ASUS has released patches for the affected firmware series and recommends that users:

1. Upgrade to the latest firmware version available for their specific model through the ASUS support portal or product finder page
2. Use complex distinct passwords for wireless networks and router administration pages that are at least 10 characters long with a mix of letters, numbers, and symbols
3. Do not reuse passwords across multiple devices or services

For users with end-of-life products who cannot update firmware, ASUS advises:

1. Disabling AiCloud entirely
2. Turning off internet access for various services including WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP

There are currently no reports of active exploitation or public proof-of-concept exploits for CVE-2025-2492 but attackers commonly target these types of vulnerabilities to infect devices with malware or recruit them into DDoS botnets. It is strongly recommended that all ASUS router users upgrade to the latest firmware as soon as possible.