Old ASUS Vulnerability Shows up out of nowhere!


ASUS router users should pay attention. Our SOC started seeing an old vulnerability CVE-2014-9583 originating from 179.219.203[.]40. End users should stay vigilant.

Recently there have been a large number of attacks on network routers since ISP's seem to forget that the default passwords need to be changed. We have seen large botnets forming and being used in some very large attacks. While most ASUS brand routers have probably been patched against this threat, it is probably a good idea to make sure your router is not vulnerable and if it is, obtain new firmware that you know is clean and reflash your devices.

This is a very old and well known exploit so we were surprised to see this type of activity against a customers router as we have not seen this type of attack since late 2016.

Description

common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change.

#SecurityAlerts

7 views

Contact: (800)447-2150 Ext. 1        To contact Jigsaw simply send a message in our chat window!

  • Facebook - Black Circle
  • Twitter - Black Circle

© 2017-2018 Jigsaw Security Enterprise Inc.

Jigsaw Security Enterprise Inc is a SDVOSB - Service Connected Disabled Veteran Owned Small Business Jigsaw Security is an operator of WIMAX networks and is operating under license WQVC235 as a common carrier, non-common carrier and private communications operator. Jigsaw Security operates cable and satellite services. Courses may be provided by a third party authorized training partner in some cases. Some training is only available for cleared and US Citizens. Courses approved by the North Carolina Department of Public Safety Private Protective Services Board for licensing and CE credits. JPM program insurance is provided by an authorized Jigsaw Security Insurance Partner and is not underwritten by Jigsaw Security. For insurance information please contact our JPM program manager. Jigsaw Security operates a network through our NCBroadband brand.