CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2021-32030

CVSS 9.8v3.1pub. 2021-05-06upd. 2025-11-10

The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 and Lyra Mini before 3.0.0.4_384_46630 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\0' matches the device's default value of '\0' in some situations. Note: All versions of Lyra Mini and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability, Consumers can mitigate this vulnerability by disabling the remote access features from WAN.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Asus Gt Ac2900

    HW
    Asus
    wszystkie wersje
  • Asus Gt Ac2900 Firmware

    OS
    Asus
    < 3.0.0.4.386.42643
  • Asus Lyra Mini

    HW
    Asus
    wszystkie wersje
  • Asus Lyra Mini Firmware

    OS
    Asus
    < 3.0.0.4.384.46630

CISA KEV — detailsi

Vendori
ASUS
Producti
Routers
Added to KEVi
June 2, 2025
Remediation deadline (US Federal)i
June 23, 2025(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

ASUS Lyra Mini and ASUS GT-AC2900 devices contain an improper authentication vulnerability that allows an attacker to gain unauthorized access to the administrative interface. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 23 czerwca 2025
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2018-20334CRITICAL9.8ten sam produkt

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is...

CVE-2018-20333HIGH7.5ten sam produkt

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp ...

CVE-2018-20335HIGH7.5ten sam produkt

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd s...

CVE-2025-59374CRITICAL9.3⚠ KEVPL ✓ten sam vendor

ASUS Live Update — kompromitacja łańcucha dostaw (supply chain compromise)

CVE-2025-59367CRITICAL9.3PL ✓ten sam vendor

Authentication bypass w routerach ASUS z serii DSL — nieautoryzowany dostęp zdalny