ASUS routers receive patches for critical vulnerabilities affecting more than a dozen product lines
Nearly 20 models have been affected by a spate of vulnerabilities, including two rated ‘critical’


ASUS has announced a raft of firmware updates to fix critical vulnerabilities found in a number of router devices.
The firm revealed that nine security vulnerabilities were discovered in networking appliances - two of which were rated as ‘critical’ with six designated as ‘high’ risk.
Tracked as CVE-2018-1160 and CVE-2022-26376, the two critical vulnerabilities were given a 9.8 severity rating out of a possible 10, the company said.
Analysis shows that the former of these pertains to an out of bounds write bug found in Netatalk prior to version 3.1.12. This near-five-year-old vulnerability could enable an unauthorised party to achieve arbitrary code execution.
Meanwhile, CVE-2022-26376 is a memory corruption vulnerability found in Asuswrt and Asuswrt-Merlin New Gen firmware. This flaw could allow an attacker to trigger this vulnerability by leveraging a “specially-crafted HTTP” request, which would cause memory corruption.
Nearly 20 router models have been affected by disclosed vulnerabilities, ASUS revealed.
These include:
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
- GT6
- GT-AXE16000
- GT-AX11000 PRO
- GT-AXE11000
- GT-AX6000
- GT-AX11000
- GS-AX5400
- GS-AX3000
- XT9
- XT8
- XT8 V2
- RT-AX86U PRO
- RT-AX86U
- RT-AX86S
- RT-AX82U
- RT-AX58U
- RT-AX3000
- TUF-AX6000
- TUF-AX5400.
In its security advisory on 19 June, ASUS urged customers to patch affected routers as soon as possible to avoid risk of exposure.
The firm warned that customers choosing not to install new firmware updates should disable services accessible from via WAN to “avoid potential unwanted intrusions”.
“These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger,” ASUS said.
The company also recommended frequent auditing of equipment to ensure firmware is up to date and to mitigate risk.
“We strongly encourage you to periodically audit both your equipment and your security procedures, as this will ensure that you will be better protected,” the firm said.

Ross Kelly is ITPro's News & Analysis Editor, responsible for leading the brand's news output and in-depth reporting on the latest stories from across the business technology landscape. Ross was previously a Staff Writer, during which time he developed a keen interest in cyber security, business leadership, and emerging technologies.
He graduated from Edinburgh Napier University in 2016 with a BA (Hons) in Journalism, and joined ITPro in 2022 after four years working in technology conference research.
For news pitches, you can contact Ross at ross.kelly@futurenet.com, or on Twitter and LinkedIn.
-
M&S suspends online sales as 'cyber incident' continues
News Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
By Ross Kelly
-
Manners cost nothing, unless you’re using ChatGPT
Opinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
By Ross Kelly
-
Looking for a new mini PC? The ASUS NUC 15 Pro+ is a productivity powerhouse – it’s quieter than previous models, AI-enabled, and is very compact
News ASUS’ tiny desktop device is aimed at power users and those with upgrades in mind
By Rory Bathgate
-
Asus Zenbook S14 (2024) review: Putting Intel's new Core Ultra CPUs to the test
Reviews Intel's Lunar Lake tech lets it down on multi-threaded performance but makes up for it with single-core and GPU speeds – plus excellent battery life
By Stuart Andrews
-
Asus ProArt PX13 review: An exceptional device for power users and creatives on the go
Reviews Packing cutting-edge components into a compact chassis, the Asus ProArt PX13 might be the ultimate Windows laptop for creatives on the move
By Stuart Andrews
-
Asus Zenbook S16 (UM5606) review: A stunning showcase for AMD's new AI tech
Reviews With impressive all-round performance and an excellent OLED screen, the new Zenbook S16 delivers fantastic value for business and creative pros
By Stuart Andrews
-
Asus Vivobook S15 Copilot+ PC review: The Snapdragon X Elite goes mainstream
Reviews Cutting-edge hardware and a fantastic screen make this a strong Copilot+ PC, even if the design is low on flair
By Stuart Andrews
-
Asus Vivobook S16 (S5606) Review: An outstanding 16-inch lightweight OLED laptop
Reviews The sublime 3.2K 120Hz OLED display is the cherry on top of this excellent ultrabook, boasting the latest Intel silicon, good connectivity and solid battery life.
By Alun Taylor
-
Asus Chromebook Enterprise Flip CB5 review: A big-screen Chromebook built for business
Reviews Good design, strong ergonomics, impressive performance, and a bigger screen make this a brilliant, business-ready Chromebook for long working days
By Stuart Andrews
-
Asus Vivobook Pro 15 OLED (N6506) Review: A high-quality all-rounder for a reasonable price
Reviews With a potent Nvidia GPU and superb 120Hz OLED display, the new Vivobook Pro is a superb do-it-all laptop that won't break the bank
By Alun Taylor