CVE-2025-2492

Published Apr 18, 2025

Last updated 3 days ago

CVSS critical 9.2

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-2492 is a vulnerability found in ASUS routers, specifically affecting those with the AiCloud feature enabled. It stems from improper authentication controls within the router's firmware. This flaw allows attackers to bypass security checks by sending crafted requests to the router. By doing so, they can potentially execute unauthorized functions remotely without requiring any authentication.

Description
An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions. Refer to the 'ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information.
Source
54bf65a7-a193-42d2-b1ba-8e150d3c35e1
NVD status
Received

Risk scores

CVSS 4.0

Type
Secondary
Base score
9.2
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
CRITICAL

Weaknesses

54bf65a7-a193-42d2-b1ba-8e150d3c35e1
CWE-288

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

27

  1. ASUS disclosed a critical security flaw in routers with AiCloud enabled, allowing remote attackers to execute functions on vulnerable devices. CVE-2025-2492 is addressed with firmware updates for specific branches. Users should update their routers to the latest version.

    @meet_cipher

    20 Apr 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. ASUS routers vulnerable: CVE-2025-2492 exploit alert Major security flaw found in ASUS routers with AiCloud. High-severity vulnerability CVE-2025-2492 allows unauthorized access. Users at risk need immediate patch updates.

    @Ctrl_alt_wtf

    20 Apr 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. ASUS製ルーター『AiCloud』機能に認証の脆弱性『CVE-2025-2492』。アップデートを https://t.co/kPAHYBnnV9 #izumino_trend

    @sec_trend

    19 Apr 2025

    30 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Achtung #ASUS-Router-Besitzer: Kritische Sicherheitslücke in AiCloud entdeckt. CVE-2025-2492 ermöglicht unbefugte Funktionsausführung. CVSS-Score: 9,2/10. Schnelles Update dringend empfohlen. #Cybersecurity https://t.co/xWMPbfFSv6

    @WinFuture

    19 Apr 2025

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 📌 أعلنت شركة ASUS عن ثغرة أمنية خطيرة في أجهزة التوجيه المزودة بتقنية AiCloud، مما يتيح للمهاجمين تنفيذ وظائف غير مصرح بها. الثغرة، المعروفة برقم CVE-2025-2492، تمتلك درجة CVSS تبلغ 9.2 من 10. يُنصح المستخدمون بتحديث البرنامج الثابت لحماية أجهزتهم. #الامن_السيبراني https://t.co

    @Cybercachear

    19 Apr 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 Critical ASUS Router Flaw Exposed 9.2 CVSS | Remote Hijack Risk A new bug—CVE-2025-2492—lets attackers remotely execute functions on ASUS routers with AiCloud enabled. 🔗 Details: https://t.co/NWnAOXT2Pj

    @TheHackersNews

    19 Apr 2025

    13139 Impressions

    44 Retweets

    87 Likes

    21 Bookmarks

    1 Reply

    2 Quotes

  7. うむ🫤  お客さんに前導入したヤツ大丈夫か確認せねば… ASUS製ルーター『AiCloud』機能に認証の脆弱性『CVE-2025-2492』。アップデートを | ニッチなPCゲーマーの環境構築Z https://t.co/V5kavUbdtV

    @RB7010

    18 Apr 2025

    18 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 🚨 ASUS router users, heads up! A critical auth bypass vulnerability (CVE-2025-2492) in AiCloud could allow remote code execution. Update your firmware ASAP or disable AiCloud if EOL. Stay safe! 🛡️ #Cybersecurity #ASUS #RouterSecurity https://t.co/A1oGGKBSi0

    @fernandokarl

    18 Apr 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. ASUS warns of a critical authentication bypass vulnerability (CVE-2025-2492) in AiCloud routers, enabling unauthorized remote access. Users must update firmware and secure passwords immediately for protection. #Security https://t.co/kjoyJrhF1J

    @Strivehawk

    18 Apr 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 🚨 CVE-2025-2492 ⚠️🔴 CRITICAL (9.2) 🏢 ASUS - Router 🏗️ 3.0.0.4_382 series 🔗 https://t.co/4NXfmoPzQe #CyberCron #VulnAlert #InfoSec https://t.co/SK6ocjBUbP

    @cybercronai

    18 Apr 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🚨ASUS AiCloud Vulnerability (CVE-2025-2492) Enables Remote Function Execution via Authentication Bypass CVSS Score: 9.2 https://t.co/0YofUq1hWX

    @DarkWebInformer

    18 Apr 2025

    210 Impressions

    1 Retweet

    2 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

References