CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2025-59367

CVSS 9.3v4.0pub. 2025-11-13upd. 2026-02-06

An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Asus Dsl Ac51

    HW
    Asus
    wszystkie wersje
  • Asus Dsl Ac51 Firmware

    OS
    Asus
    < 1.1.2.3_1010
  • Asus Dsl Ac750

    HW
    Asus
    wszystkie wersje
  • Asus Dsl Ac750 Firmware

    OS
    Asus
    < 1.1.2.3_1010
  • Asus Dsl N16

    HW
    Asus
    wszystkie wersje
  • Asus Dsl N16 Firmware

    OS
    Asus
    < 1.1.2.3_1010
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2017-14698CRITICAL9.8ten sam produkt

ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1...

CVE-2017-14699MEDIUM6.5ten sam produkt

Multiple XML external entity (XXE) vulnerabilities in the AiCloud feature on ASUS DSL-AC51, DSL-AC52U, DSL-AC5...

CVE-2025-59374CRITICAL9.3⚠ KEVPL ✓ten sam vendor

ASUS Live Update — kompromitacja łańcucha dostaw (supply chain compromise)

CVE-2021-32030CRITICAL9.8⚠ KEVten sam vendor

The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 and Lyra Mini before 3.0.0.4_...

CVE-2023-5716CRITICAL9.8PL ✓ten sam vendor

ASUS Armoury Crate — zapis i odczyt dowolnych plików przez sieć bez uwierzytelnienia