Critical ASUS DSL Router Flaw (CVE-2025-59367, CVSS 9.3) Allows Unauthenticated Remote Access

Estimated reading time: 7 minutes

  • Critical authentication bypass vulnerability in ASUS DSL Series Routers.
  • Remote attackers can gain unauthorized access without valid credentials.
  • Update firmware and disable unnecessary services to mitigate the risk.
  • Use strong, unique passwords for Wi-Fi and router administration.
  • Implement supply-chain risk monitoring and breach detection mechanisms.

Table of Contents

Critical ASUS DSL Router Flaw (CVE-2025-59367, CVSS 9.3) Allows Unauthenticated Remote Access

ASUS has issued a security advisory concerning a critical authentication bypass vulnerability in several models of its DSL Series Routers. This Critical ASUS DSL Router Flaw (CVE-2025-59367, CVSS 9.3) Allows Unauthenticated Remote Access, posing a significant threat to home users and small businesses. The vulnerability allows remote actors to gain unauthorized access without valid credentials.

The Vulnerability

According to ASUS, the authentication bypass vulnerability may permit remote attackers to gain unauthorized access to the affected system. This is a severe issue as it allows attackers to bypass the normal login procedures and directly access the router’s settings and functionalities.

Impact of Exploitation

Authentication bypass flaws are among the most dangerous vulnerabilities for networking devices because attackers can:

  • Log in without credentials
  • Modify router settings
  • Hijack internet traffic
  • Install persistent malware
  • Join the device into botnets
  • Intercept sensitive communications

Given the widespread use of ASUS DSL routers in homes and SMEs, exploitation could result in large-scale compromise if users fail to update promptly.

Affected Models and Versions

The update is available for the following models:

Model Fixed Firmware Version
DSL-AC51 1.1.2.3\_1010
DSL-N16 1.1.2.3\_1010
DSL-AC750 1.1.2.3\_1010

ASUS Recommendations

In addition to updating the firmware, ASUS recommends disabling remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP if they are not required. These steps significantly reduce the attack surface but do not fully eliminate the risk.

Additional Security Measures

To further mitigate exposure, ASUS emphasizes essential best practices: Use different, complex passwords for your wireless network and router administration page (at least 10 characters, include uppercase, numbers, and symbols).

The advisory also reminds users: Do not reuse passwords across devices or services and regularly check for new firmware and security announcements.

Supply-Chain Risk and Breach Detection

This vulnerability highlights the importance of supply-chain risk monitoring, as compromised devices within a network can become entry points for broader attacks. Organizations should implement breach detection mechanisms to identify and respond to unauthorized access attempts.

Practical Takeaways

Technical Readers

  1. Immediate Patching: Prioritize updating the firmware of affected ASUS DSL router models to the versions specified in the advisory.
  2. Disable Unnecessary Services: Turn off features like remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP if they are not essential for your network operations.
  3. Review Router Configuration: Examine your router’s configuration for any unusual or unauthorized settings changes.
  4. Network Segmentation: Implement network segmentation to limit the impact of a potential breach on the router.
  5. Password Management: Enforce strong, unique passwords for both the wireless network and the router’s administration page.
  6. Implement a Cyber Threat Intelligence Platform: Integrate threat intelligence feeds to proactively identify and mitigate potential threats targeting ASUS routers.
  7. Monitor Underground Forums: Leverage underground forum intelligence to stay informed about potential exploits and discussions related to the vulnerability.

Non-Technical Readers

  1. Check Your Router Model: Identify the model number of your ASUS DSL router.
  2. Update Firmware: Follow the instructions on the ASUS website to update your router’s firmware. If you are unsure how to do this, seek assistance from a technical professional.
  3. Change Passwords: Update the passwords for your Wi-Fi network and the router’s administration page. Use strong, unique passwords.
  4. Disable Remote Access: If you do not use remote access features, disable them in the router’s settings.
  5. Be Alert for Suspicious Activity: Monitor your network for any unusual activity, such as slow internet speeds or unauthorized devices connecting to your network.
  6. Consult Professionals: If you have concerns about your router’s security, consult with a cybersecurity professional.
  7. Dark Web Monitoring Service: Consider using a dark web monitoring service to track potential mentions of your network or personal information.

How PurpleOps Can Help

PurpleOps provides a suite of services to help organizations strengthen their cybersecurity posture and mitigate risks like those posed by the ASUS DSL router flaw. Our offerings include:

  • Cyber Threat Intelligence Platform: Provides actionable insights into emerging threats, including vulnerabilities in network devices and software.
  • Supply-Chain Risk Monitoring: Identifies and assesses risks associated with third-party vendors and suppliers, including potential vulnerabilities in their products and services.
  • Breach Detection: Employs advanced monitoring and analysis techniques to detect and respond to unauthorized access attempts and data breaches.
  • Underground Forum Intelligence: Monitors underground forums and dark web channels to identify potential exploits and discussions related to vulnerabilities.
  • Brand Leak Alerting: Alerts organizations to potential data leaks and breaches that could compromise sensitive information.

By leveraging PurpleOps’ services, organizations can gain a comprehensive understanding of their threat landscape, proactively identify and mitigate risks, and respond effectively to security incidents.

To learn more about how PurpleOps can help you protect your organization, please visit our website or contact us for a PurpleOps Solutions.

FAQ

What is CVE-2025-59367?

CVE-2025-59367 is a unique identifier for a critical authentication bypass vulnerability found in certain ASUS DSL routers.

Which ASUS router models are affected?

The affected models include DSL-AC51, DSL-N16, and DSL-AC750.

How can I update my router’s firmware?

Visit the ASUS support website and follow the instructions for your specific router model.

What are the risks of not updating my router?

Failure to update can lead to unauthorized access, data breaches, and potential compromise of your network.