Asus Router User – You’ve been pwned

I’ve just purchased a new router, it’s an Asus RT-AC56U, all was working well until a friend in IRC [thanks MartijnVdS] informed me of a security flaw. Essentially, if you’ve ever had a hard drive attached to the USB port on the router, have FTP enabled, which is on for various models, then in some situations you can see the entire contents of that external drive online. Understandably I panicked, but then realised, I’ve not got these functions enabled, and don’t have an external drive attached. I did though upgrade to the latest firmware and rebooted.

If you think this might affect you, then read this

You might want to think about upgrading your firmware and change any passwords. Possibly even disconnect your hard drive.

You may also want to make sure you’re IP isn’t on this page – if it is then from a browser type ftp://ipaddress and see if you can see your files, if you’re unpatched they will appear which is utterly gobsmacking 😦

Don’t let yourself get caught out.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s