CVE-2024-3080 Scanner

ASUS DSL-AC88U is a high-performance router designed for home and small office networks, offering fast internet speeds and extensive security features. It is widely used by individuals and businesses that require a reliable networking device with advanced security options. The router supports multiple connectivity options, including ADSL, VDSL, and fiber networks. Users often choose ASUS routers for their strong Wi-Fi performance and ease of use. With built-in security functionalities, these routers help prevent unauthorized access and cyber threats. However, vulnerabilities in the router's firmware can expose users to security risks.

This scanner detects an authentication bypass vulnerability in the ASUS DSL-AC88U router, classified as "Missing Authorization." Attackers can exploit the flaw to gain unauthorized access to restricted areas of the router's web interface. The issue arises due to improper authentication handling when specific URL encoding techniques are used. Affected models allow attackers to bypass security mechanisms by appending encoded directory traversal sequences to the requested URL. This vulnerability increases the risk of unauthorized control over network settings. As a result, attackers may manipulate configurations or extract sensitive information from the router.

The vulnerability is found in the router's web interface, where improper authentication validation permits unauthorized access. By appending encoded traversal sequences such as "/js/..%2f%2f" or "/images/..%2f%2f," attackers can bypass login restrictions. These malformed URLs trick the router into granting access to otherwise protected sections of the interface. Affected endpoints include configuration and setup pages that should be restricted to authenticated users. When exploited, the system fails to enforce proper authentication mechanisms. This flaw potentially exposes critical router functions to remote attackers.

Exploiting this vulnerability can lead to severe security consequences. Attackers may gain administrative control over the router, allowing them to alter configurations, disable security settings, or redirect network traffic. Sensitive information such as Wi-Fi credentials and network logs could be exposed. Unauthorized modifications to firewall and access control settings may open the network to further attacks. Additionally, compromised routers could be used as part of larger botnets or leveraged in further exploits. If left unpatched, affected devices remain at risk of unauthorized access and control.

REFERENCES

• https://github.com/Shuanunio/CVE_Requests/blob/main/ASUS/DSL-AC88U/ACL%20bypass%20Vulnerability%20in%20ASUS%20DSL-AC88U.md
• https://thehackernews.com/2024/06/asus-patches-critical-authentication.html
• https://nvd.nist.gov/vuln/detail/CVE-2024-3080