Asus routers can be hacked from local network
2015-01-12 16:07 by Daniela
Tags: ASUS, router
Security researcher Joshua Drake has found a bug in several Asus routers that allows an attacker on the local network to take full administrative control of the router without the need for a password. The vulnerability (CVE-2014-9583) affects the Asus RT-AC66U, RT-N66U and other routers with the most recent firmware.
"Several models of ASUS's routers include a service called infosvr that listens on UDP broadcast port 9999 on the LAN or WLAN interface. It's used by one of ASUS's tools to ease router configuration by automatically locating routers on the local subnet," Drake said. "This service runs with root privileges and contains an unauthenticated command execution vulnerability," he added.
Despite not allowing remote attackers to access the router, this vulnerability poses a high risk to those who use their ASUS routers to set up hotspots and other public Wi-Fi networks.
As no patch is available yet, the only solution for owners of those routers is to disable the infosvr service after each boot. Alternatively, they could also block access to UDP port 9999.
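Because the workaround has to be reapplied after each boot, it helps to confirm that nothing is bound to UDP 9999 afterwards. The script below is an added example, not from the original article or from ASUS: it assumes shell access to a Linux-based firmware with awk, and its function names and sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: report sockets bound to UDP 9999, the infosvr port.
PORT_HEX=270F   # 9999 in hex, the notation /proc/net/udp uses

# Constructed sample in /proc/net/udp layout (not captured from a router).
constructed_table() {
cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   3: 00000000:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 811
  12: 00000000:270F 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 1402
  19: 0101A8C0:C350 6401A8C0:270F 01 00000000:00000000 00:00000000 00000000     0        0 1533
EOF
}

# udp9999_listeners FILE: print the local address of each socket bound to
# UDP 9999. Only the local port (field 2) counts; line 19 above merely
# talks to a remote port 9999 and must not be reported.
udp9999_listeners() {
    awk -v port="$PORT_HEX" '
        NR > 1 {
            n = split($2, addr, ":")
            if (n == 2 && toupper(addr[2]) == port) print $2
        }' "$1"
}

# udp9999_open FILE: exit status 0 if something is bound, 1 otherwise.
udp9999_open() {
    [ -n "$(udp9999_listeners "$1")" ]
}

# Check the live table when run on a Linux system.
if [ -r /proc/net/udp ]; then
    if udp9999_open /proc/net/udp; then
        echo "UDP 9999 is bound: the discovery service may still be running"
    else
        echo "nothing is bound to UDP 9999"
    fi
fi
```

The same function can be pointed at /proc/net/udp6, which uses the same column layout.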
There is more information on port 9999 available in our ports database, as well as the ability to check if it is open on your network.