Attention! Critical flaw in ASUS's Wi-Fi-routers might compromise your data
What's the story
The Indian Computer Emergency Response Team (CERT-In) has issued a major security alert for users of certain ASUS DSL series Wi-Fi routers. The warning highlights a newly discovered authentication bypass vulnerability, which could let remote attackers gain unauthorized access to affected devices. The flaw, identified as CVE-2025-59367, impacts several models widely used in homes and small offices.
Exploitation
Vulnerability allows bypassing security controls on targeted routers
CERT-In has warned that the vulnerability lets attackers bypass security controls on targeted routers. If successfully exploited, it could give them direct access to the device interface. This would let them view or modify configuration settings, intercept sensitive data, and compromise other devices connected to the network. The affected ASUS DSL router models include DSL-AC51, DSL-N16, and DSL-AC750.
User impact
Risk of unauthorized access and data interception
A successful exploit of this vulnerability could let remote attackers monitor network traffic, intercept sensitive information, hijack connected devices, or alter router settings. In the worst-case scenario, they might use the compromised router as a base to launch further scams or intrusions. This includes accessing smart home devices or redirecting users to fraudulent websites. The risk is significantly higher if the router is left unpatched since it can be exploited without user interaction.
User guidance
CERT-In advises immediate firmware updates
CERT-In has advised all affected users to update their router firmware immediately. ASUS has published the relevant security updates and advisories on its official website. Users can check for the fixes and install the latest firmware by visiting ASUS's website. CERT-In also recommends standard security practices like disabling remote access if not needed, changing the default passwords, and reviewing router logs for unusual activity.