Tech Made Simple

Hot Topics: Samsung Galaxy S6 | Best iPhone & Android Apps | Best TV Under $500 & Under $1,000 | Best Wireless Music System

Techlicious Blog

author photo

Major Security Flaw Discovered in Asus Routers, Too

by on February 18, 2014
in Computer Safety & Support, News, Computers and Software, Computers & Accessories, Accessories, Internet & Networking, Blog, Privacy :: 0 comments

Asus RT-AC66R router with AiCloudIf you keep an external hard drive plugged in to your Asus router, you'll likely want to disconnect it immediately.

Ars Technica is reporting that hackers are actively exploiting a giant security vulnerability in Asus routers. The contents of USB hard drives that have been physically attached to select router models are being made available to anyone with a web browser and the device’s IP address, with no password or other authentication.

According to security researcher Kyle Lovett, the vulnerability affects the following router models: RT-AC66R, RT-AC66U, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, RT-N14U, RT-N16 and RT-N16R.

The vulnerability is caused by the routers’ AiCloud remote access feature. Unlike the remote access vulnerability in Linksys routers we reported on yesterday, AiCloud (and the security hole therein) is turned on by default. Manually turning off AiCloud will seal the vulnerability.

If you want to keep your external drive attached to your router and continue to use the AiCloud service, Asus quietly released a firmware patch to correct the issue last year. Your router will remain vulnerable until you download and install it.

You can find the firmware update for your Asus router by visiting the company’s drivers and download page. For more on keeping your computer and network secure, check out these 6 ways to protect yourself from online threats.

Subscribe to the Techlicious Daily Email!

Get the Techlicious Guide to Great Photography as your FREE gift!

Discussion loading

© 2014 Techlicious LLC. :: Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us :: Terms of Use | Privacy Policy

site design: Juxtaprose