ASUS has issued a warning about a critical vulnerability in the AiCloud feature of its routers. The flaw allows a remote attacker to perform actions on the device without authorization, and it can be exploited with a specially crafted request. The issue is tracked as CVE-2025-2492 and is rated 9.2 on the CVSS v4 scale.
AiCloud is a cloud feature built into several ASUS routers that turns them into mini-servers. Users can use it to remotely access files stored on USB drives, stream media, synchronize data between the home network and cloud services, and share files over the Internet.
The vulnerability affects a wide range of models, and ASUS has already released firmware updates for various series, including 3.0.0.4_382, 3.0.4_386, 3.0.0.4_388, and 3.0.6_102. Users are advised to promptly install the latest firmware version, available on the ASUS support portal or on the product page for their specific model. Detailed update instructions can also be found on the support portal.
ASUS recommends setting strong, unique passwords for both the wireless network and the router control panel: at least 10 characters, combining letters, numbers, and special characters. For end-of-life devices that the manufacturer no longer supports, ASUS advises disabling AiCloud completely and blocking Internet access to WAN functions, port forwarding, DDNS, VPN, DMZ, port triggering, and FTP.
There have been no reports of the vulnerability being exploited and no public exploit is known, but flaws of this kind are often targeted by malicious actors to distribute malware or add devices to botnets. ASUS router owners are therefore urged to install updates immediately to guard against potential attacks.