華碩7款路由器有驗證繞過漏洞,應立即更新韌體
支付動態 · 2024-06-18

華碩於6月14日修補存在於ZenWiFi XT8等7款路由器產品的安全漏洞CVE-2024-3080,這項漏洞允許未經身分鑑別之遠端攻擊者登入設備

背景圖片取自geralt on pixabay

華碩7款家用及消費性路由器產品傳出重大驗證繞過漏洞,可讓未經授權的攻擊者遠端登入裝置。華碩及資安專家呼籲用戶儘早安裝新版軟體。

這項驗證繞過漏洞編號CVE-2024-3080,發生在華碩家用及消費性路由器產品的韌體,影響ZenWiFi XT8、ZenWiFi XT8 V2、RT-AX88U、RT-AX58U、RT-AX57、RT-AC86U及RT-AC68U。

華碩已在上周安全公告中發布新版韌體下載連結,呼籲用戶儘速更新。華碩並呼籲用戶不要使用預設密碼,並設定混合字元,最少10位元的密碼。

該漏洞技術細節不明。但TWCERT/CC公告,CVE-2024-3080為一鑑別繞過漏洞,允許未經身分鑑別的遠端攻擊者登入設備,風險值達9.8。

華碩同時更新了CVE-2024-3079的韌體問題,它是風險值7.2的堆疊式緩衝溢位漏洞。最新漏洞可讓取得管理權限的遠端攻擊者在路由器上執行任意指令。兩漏洞都是由同一資安研究員通報。

同一波安全修補行動中,華碩還修補了影響Asus下載大師(Download Master)App中的5項中度風險漏洞CVE-2024-31159到2024-31163,該公司已主動更新該App解決安全問題。

熱門文章
Indiana online casino bill stalls in House committee
Regulation
GAT Expo Puerto Rico Will Pulse with the New Era of Gaming in the Caribbean
Marketing
1spin4win grows its Latin American presence by partnering with Fortuna Juegos
Online Game
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
British gambling levy rates confirmed for each vertical
Regulation
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
Are you ready to maximize your earnings? Try ProPush.me Constructor!
Marketing
New Jersey July Gambling Revenue Hits $606M, Sweeps Casinos Banned
Regulation
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
首頁
遊戲
合作
發現
我的