Asus Warns of New Critical Vulnerability in Routers with AiCloud
Asus released firmware updates to fix nine vulnerabilities, including a critical authentication bypass issue in routers with the AiCloud feature enabled.
AiCloud is a cloud-based remote access feature built into many Asus routers that transforms them into private cloud servers. The feature allows users to access files stored on USB drives connected to the router, remotely stream media, sync files between the home network and other cloud services, and share files with other users through generated links.
Critical Vulnerability Details
Per Asus developers, the critical vulnerability CVE-2025-59366 stems from an unintended side effect in Samba functionality and potentially allows execution of various functions without proper authorization.
Remote, unprivileged attackers can exploit this flaw by combining path traversal and command injection in attacks that require no user interaction.
Patch Availability and Affected Models
The company strongly recommends that all users immediately update their router firmware to the latest version. However, Asus does not specify which device models are vulnerable. The manufacturer only lists the firmware versions that address all nine issues: series 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102.
For owners of old and unsupported devices that will not receive patches, Asus recommends disabling all services accessible from the internet: remote access via WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP. The company also advises disabling remote access to AiCloud-enabled devices that are vulnerable to CVE-2025-59366.
Previous AiCloud Vulnerabilities
In April 2025, Asus developers fixed another critical authentication bypass vulnerability (CVE-2025-2492) that was also related to AiCloud and was triggered by specially crafted requests.
CVE-2025-2492, alongside six other vulnerabilities, was exploited to compromise thousands of Asus routers in the malicious WrtHug campaign. These attacks targeted outdated and unsupported devices in Taiwan, Southeast Asia, Russia, Central Europe, and the USA.