Should I Be Worried about CVE-2024-3080?

[Sortova]

It looks like my ASUS XT8 mesh could be vulnerable to a remote access exploit

https://www.bleepingcomputer.com/news/security/asus-warns-of-critical-remote-authentication-bypass-on-7-routers/

I can't find out much information on the exploit itself, and I'm running Merlin instead of the stock firmware, but the latest firmware update is dated June 10th and the CVE was published on the 14th.

Any help appreciated.

[Sortova]

Ah, from the support forums this was patched:

Please use the forum search, this BleepingComputer article has been posted several previous times to several different areas of the Asus subforum. Asus has already released updated firmware for those seven affected routers in March/April of this year.

[Sortova]

Thanks. The discussion on SNBForums was confusing. I'll look forward to the release.

[Sortova]

Hey - just wanted to check in on any update on this issue. I've shut down all my external services, but I was kinda using them (grin)

Sorry to ask here but I've been waiting for awhile to be verified on the Discord channel and I'm still locked out.

[gnuton]

Hey, no updates yet, still working on it

[gnuton]

The DSL-AC68U should already have the fix. If interested get the beta

[Sortova]

I'm running an XT8 (AX6600) so I need RT-AX95Q. I assume RT-AX95Q_3004_388.8_0-gnuton0_alpha1 has the fix? Happy to try it out but just wanted to make sure the fix was included (I didn't see mention of it in the CHANGELOG)

[Loec-0616]

谁有poc？

[gnuton]

English please

[imaami]

The Loec-0616 account was created apparently only for posting this question, which Google translate says is Chinese for "who has a POC?".

Kill it with fire. Figuratively of course. This is beyond sus.

[imaami]

Just to add some context, this exact CVE was used in the historically massive DDoS against Cloudflare early October 2024.