@UKTechHub

UKTechHub

UK Tech Forums

PayPal-Donate button
.
.

Another ASUS AiCloud Security Vulnerability Discovered — November 2025 On November 25, 2025, ASUS issued a critical advisory revealing yet another major security flaw in its AiCloud service. The vulnerability, tracked as CVE‑2025‑59366, carries a CVSS score of 9.2…

UKTH forums 🛜 Wireless Routers & Modems ASUS & Wireless Another ASUS AiCloud Security Vulnerability Discovered — November 2025 On November 25, 2025, ASUS issued a critical advisory revealing yet another major security flaw in its AiCloud service. The vulnerability, tracked as CVE‑2025‑59366, carries a CVSS score of 9.2...

NEWS
Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • November 27, 2025 at 8:10 pm #40340
    UK SentinelUK Sentinel
    Keymaster
    • Replies 8,307
    • The Skipper

    On November 25, 2025, ASUS issued a critical advisory revealing yet another major security flaw in its AiCloud service. The vulnerability, tracked as CVE‑2025‑59366, carries a CVSS score of 9.2 and allows attackers to bypass authentication, execute arbitrary commands, and potentially take full control of affected routers.

    Details of the Vulnerability

    • CVE‑2025‑59366 (Critical): Exploits Samba functionality in AiCloud through a combination of path traversal and OS command injection.
    • Severity: Rated 9.2 (Critical) due to low complexity and no user interaction required.
    • Affected Devices: ASUS has not listed specific models, but all routers with AiCloud enabled are considered at risk.
    • Additional flaws patched: Eight other vulnerabilities were addressed in the same advisory, including three high‑severity issues (CVE‑2025‑59370, CVE‑2025‑59371, CVE‑2025‑12003).

    https://www.bleepingcomputer.com/news/security/asus-warns-of-new-critical-auth-bypass-flaw-in-aicloud-routers/

    Share the knowledge

    In a completely sane world, madness is the only freedom (J.G.Ballard).

    November 27, 2025 at 8:14 pm #40341
    UK SentinelUK Sentinel
    Keymaster
    • Replies 8,307
    • The Skipper

    ASUS have already started released fixes to address multiple vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud enabled

     

    New ASUS firmware patches critical AiCloud vulnerability

    Share the knowledge

    In a completely sane world, madness is the only freedom (J.G.Ballard).

    November 27, 2025 at 8:18 pm #40342
    UK SentinelUK Sentinel
    Keymaster
    • Replies 8,307
    • The Skipper

    Rumour has it that RMerlin is considering not including AiCloud in his future AsusWRT-Merlin builds …..

     

    https://linustechtips.com/topic/1588835-feedback-asuswrt-merlin-custom-gpl-firmware-removal-of-aicloud-due-to-vulnerabilities/

    Share the knowledge

    In a completely sane world, madness is the only freedom (J.G.Ballard).

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.
Latest Posts