Read about this this morning, thought it would be a good idea to post here.
There is a remote root exploit that effects ASUS WRT firmware used on RT-AC66U, RT-N66U, and other routers.
The attack allows a specially crafted UDP boadcast to execute commands as root on any affected ASUS routers on a LAN.
Technical details and a proof of concept have been posted in a github project @ https://github.com/jduck/asus-cmd
CVE: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9583
There is a remote root exploit that effects ASUS WRT firmware used on RT-AC66U, RT-N66U, and other routers.
The attack allows a specially crafted UDP boadcast to execute commands as root on any affected ASUS routers on a LAN.
Technical details and a proof of concept have been posted in a github project @ https://github.com/jduck/asus-cmd
CVE: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9583