CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS router models. This vulnerability potentially allows actions to be performed with the existing privileges of an authenticated user on the affected device, including the ability to execute system commands through unintended mechanisms. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.
Analysis
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Web management interface of ASUS router models. An attacker who does not hold a session on the router can induce an authenticated administrator's browser to submit requests that run with the administrator's privileges, potentially including arbitrary system command execution. The vulnerability affects ASUS router products across multiple versions due to insufficient CSRF token validation in the web interface. While no CVSS score or EPSS data is currently available, the ability to execute system commands on a network-critical device represents a critical severity threat.
Technical Context
This vulnerability is rooted in CWE-352 (Cross-Site Request Forgery), which occurs when a web application fails to properly implement anti-CSRF mechanisms such as synchronizer tokens, SameSite cookie attributes, or request origin validation. ASUS router web management interfaces (identified via CPE cpe:2.3:a:asus:router:*:*:*:*:*:*:*:*) handle sensitive operations including network configuration and system administration through HTTP POST requests. The lack of proper CSRF token validation allows an attacker to craft malicious web pages that, when visited by an authenticated router administrator, can trigger unintended state-changing operations and potentially escalate to remote code execution through embedded system command mechanisms.
Affected Products
ASUS router models across all versions are affected according to the CPE identifier cpe:2.3:a:asus:router:*:*:*:*:*:*:*:*. The CPE carries no version bounds, so this record alone does not show whether the exposure spans the whole product line or whether specific version information is still being disclosed. Users should consult the ASUS Security Advisory at https://www.asus.com/security-advisory/ for the definitive list of affected models and firmware versions, since the advisory is where ASUS publishes the detailed scope.
Remediation
Users must apply the security firmware update provided by ASUS for their specific router model as documented in the ASUS Security Advisory at https://www.asus.com/security-advisory/. Administrators should immediately check the advisory, identify their router model, and apply the patched firmware version. As interim mitigations pending firmware availability, restrict access to the router's web management interface to trusted IP addresses only, disable remote management features if not required, enforce strong authentication credentials, and consider implementing a Web Application Firewall (WAF) or reverse proxy with CSRF token validation between users and the router interface if feasible in the network topology. Note that IP allowlisting alone does not defeat CSRF, because the forged request is issued by the administrator's own browser from an allowed address; it reduces exposure of the interface but does not replace token or origin validation.
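As an added example (not code from ASUS, the advisory, or vuln.today), the following shows the two CWE-352 controls named under Technical Context, a per-session synchronizer token and Origin/Referer validation, in the shape a reverse proxy or the management UI itself would apply to state-changing requests, as suggested under Remediation. The origin http://192.168.1.1, the session id and the request headers are constructed placeholders.

```python
import hmac
import secrets
from urllib.parse import urlparse

MANAGEMENT_ORIGIN = "http://192.168.1.1"  # constructed: the management UI's own origin
STATE_CHANGING = {"POST", "PUT", "DELETE"}

class CsrfGuard:
    """Synchronizer tokens plus Origin/Referer validation (the CWE-352 controls)."""

    def __init__(self, allowed_origin):
        self.allowed_origin = allowed_origin.lower()
        self._tokens = {}  # session id -> token issued for that session

    def issue_token(self, session_id):
        # One unguessable token per authenticated session, embedded in every form.
        token = secrets.token_urlsafe(32)
        self._tokens[session_id] = token
        return token

    def _origin_ok(self, headers):
        # Browsers attach Origin to cross-site POSTs (or the literal "null"); fall back to Referer.
        src = headers.get("Origin") or headers.get("Referer")
        if not src:
            return False  # no provenance at all: fail closed for state changes
        p = urlparse(src)
        return f"{p.scheme}://{p.netloc}".lower() == self.allowed_origin

    def check(self, method, headers, session_id, form_token):
        """Return (allowed, reason) for a request that arrived with a valid session cookie."""
        if method.upper() not in STATE_CHANGING:
            return True, "read-only"
        if not self._origin_ok(headers):
            return False, "origin mismatch"
        expected = self._tokens.get(session_id)
        if expected is None or form_token is None:
            return False, "missing token"
        if not hmac.compare_digest(expected, form_token):
            return False, "token mismatch"
        return True, "ok"

def demo():
    guard = CsrfGuard(MANAGEMENT_ORIGIN)
    token = guard.issue_token("sess-admin")  # constructed session id
    same_site = {"Origin": "http://192.168.1.1"}
    # The browser sends the admin's cookie either way, but a page on another origin cannot read the token.
    cross_site = {"Origin": "http://other-site.example"}
    return (guard.check("POST", same_site, "sess-admin", token),
            guard.check("POST", cross_site, "sess-admin", None),
            guard.check("POST", same_site, "sess-admin", "guessed"))
```

Calling demo() returns the genuine submission as allowed and rejects the cross-origin submission before the token is even consulted; a same-origin request with a guessed token is rejected by the constant-time comparison.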
EUVD-2025-209041
GHSA-x6h5-48q8-5528