ASUS has released an urgent security advisory warning customers about a critical authentication bypass vulnerability affecting routers with the AiCloud feature enabled.
The flaw could allow remote attackers to execute unauthorized functions on affected devices without requiring any authentication credentials.
The vulnerability, identified as CVE-2025-2492, has received a critical severity rating with a CVSS v4 score of 9.2.
According to ASUS’s security bulletin, “An improper authentication control vulnerability exists in certain ASUS router firmware series. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions.”
AiCloud is a popular feature built into many ASUS routers that transforms these devices into personal cloud servers. It enables users to remotely access files stored on USB drives connected to their routers, stream media content, synchronize files between their home network and other cloud storage services, and share files through generated links.
The security flaw impacts a wide range of ASUS router models across multiple firmware branches, including the 3.0.0.4_382 series, 3.0.0.4_386 series, 3.0.0.4_388 series, and 3.0.0.6_102 series.
To address this critical vulnerability, ASUS has released firmware updates for affected models. The company strongly recommends that users upgrade to the latest firmware version available for their specific router model. Users can find the appropriate firmware on ASUS’s support portal or through the product finder page.
In addition to applying firmware updates, ASUS advises implementing several security best practices, including using strong, unique passwords for both wireless network access and router administration. These passwords should be at least 10 characters long and incorporate a combination of letters, numbers, and special characters.
For users of end-of-life router models that no longer receive firmware updates, ASUS recommends completely disabling the AiCloud feature. These users should also disable internet access for several services, including WAN, port forwarding, DDNS, VPN server functionality, DMZ, port triggering, and FTP services.
While there have been no confirmed reports of attackers actively exploiting this vulnerability in the wild, and no public proof-of-concept exploit code has been released, security experts warn that router vulnerabilities are prime targets for cybercriminals seeking to infect devices with malware or incorporate them into botnet networks for distributed denial-of-service (DDoS) attacks.
“We take every care to ensure that ASUS products are secure in order to protect the privacy of our valued customers,” Asus said.
“We constantly strive to improve our safeguards for security and personal information in accordance with all applicable laws and regulations, and we welcome all reports from our customers about product-related security or privacy issues. Any information you supply to ASUS will only be used to help resolve the security vulnerabilities or issues you have reported. This process may include contacting you for further relevant information.”
