Security News > 2024 > June > ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

2024-06-17 14:39
ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080, the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0. "Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device,"
News URL
https://thehackernews.com/2024/06/asus-patches-critical-authentication.html
Related news
- ASUS warns of critical auth bypass flaw in routers using AiCloud (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- GitLab patches critical authentication bypass vulnerabilities (source)
- ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware (source)
- Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- Critical flaw in Next.js lets hackers bypass authorization (source)
- Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
- Broadcom warns of authentication bypass in VMware Windows Tools (source)
- Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-14 | CVE-2024-3080 | Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device. | 0.0 |