CVE-2014-2718

Name of the Vulnerable Software and Affected Versions ASUS RT-AC68U versions prior to 3.0.0.4.376.x ASUS RT-AC66R versions prior to 3.0.0.4.376.x ASUS RT-AC66U versions prior to 3.0.0.4.376.x ASUS RT-AC56R versions prior to 3.0.0.4.376.x ASUS RT-AC56U versions prior to 3.0.0.4.376.x ASUS RT-N66R versions prior to 3.0.0.4.376.x ASUS RT-N66U versions prior to 3.0.0.4.376.x ASUS RT-N56R versions prior to 3.0.0.4.376.x ASUS RT-N56U versions prior to 3.0.0.4.376.x

Description The issue allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image, as the routers do not verify the integrity of firmware update information or downloaded updates.

Recommendations For ASUS RT-AC68U versions prior to 3.0.0.4.376.x, update the firmware to version 3.0.0.4.376.x or later. For ASUS RT-AC66R versions prior to 3.0.0.4.376.x, update the firmware to version 3.0.0.4.376.x or later. For ASUS RT-AC66U versions prior to 3.0.0.4.376.x, update the firmware to version 3.0.0.4.376.x or later. For ASUS RT-AC56R versions prior to 3.0.0.4.376.x, update the firmware to version 3.0.0.4.376.x or later. For ASUS RT-AC56U versions prior to 3.0.0.4.376.x, update the firmware to version 3.0.0.4.376.x or later. For ASUS RT-N66R versions prior to 3.0.0.4.376.x, update the firmware to version 3.0.0.4.376.x or later. For ASUS RT-N66U versions prior to 3.0.0.4.376.x, update the firmware to version 3.0.0.4.376.x or later. For ASUS RT-N56R versions prior to 3.0.0.4.376.x, update the firmware to version 3.0.0.4.376.x or later. For ASUS RT-N56U versions prior to 3.0.0.4.376.x, update the firmware to version 3.0.0.4.376.x or later.