Some models of ASUS routers include a service called infosvr that listens on a UDP port on the LAN or WLAN interface. The service runs with root privileges and contains an unauthenticated command execution vulnerability. The flaw lies in common.c in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.4.376.2524-g0013f52, and other versions, as used in the RT-AC66U, RT-N66U, and other routers: the service does not properly check the MAC address in a request, which allows remote attackers on the local network to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet sent to UDP port 9999.
Manually check the version of the firmware running on the router and, if it is an affected version, download and install the updated firmware.