Number: IRCNE2014022108
Date: 2014/02/18
According to “cnet”, it may be news to you that some Asus wireless routers leave your computer and networked drives open to hackers, but Asus has known about the problems for months, reports indicate.
The vulnerabilities make it possible for hackers to access directories on networked drives using Asus' proprietary AiCloud option. Enabling features such as "Cloud Disk," "Smart Access," and "Smart Sync" appear to enable the vulnerability, security researcher Kyle Lovett told Ars Technica.
Enabling the file-sharing tool Samba in the router also exposes the vulnerability to hackers.
Lovett told CNET that following his report of a related vulnerability in June that exposes hard drives of computers connected to the affected Asus routers, he reported to Asus representative Nick Mijuskovic the newer flaw to Asus in both September and November to no avail.
"I only received a reply of we'll look into it," Lovett wrote in an e-mail.
Asus did not immediately respond when asked for comment. CNET will update the story when we hear back from the company.
Two weeks ago, suspected hackers posted a list of more than 13,000 IP addresses gleaned from vulnerable Asus routers.
The vulnerability affects nearly a dozen Asus routers, including the RT-AC66R, RT-AC66U, RT-N66R, RT-N66U, RT-AC56U, RT-N56R, RT-N56U, RT-N14U, RT-N16, and RT-N16R. Apparently, Asus has released a firmware update that patches the vulnerabilities, but owners of those routers will have to manually install the update by going to the Asus site and following their instructions.
- 2