Overview
- The flaw, tracked as CVE-2025-59367, enables remote, unauthenticated access to unpatched routers exposed to the internet with low-complexity attacks.
- ASUS released firmware version 1.1.2.3_1010 for the DSL-AC51, DSL-N16, and DSL-AC750 to remediate the issue.
- The company directs owners to download the update from official support or product pages and install it without delay.
- For devices that cannot be updated, ASUS advises disabling WAN remote access, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP, and using strong, unique passwords.
- There are no confirmed attacks to date, but the affected models are end-of-life and historically such routers are targeted to build botnets.