Do Son 
ASUS has issued a warning regarding a critical vulnerability in its routers, specifically linked to the AiCloud feature. This flaw enables remote attackers to execute unauthorized actions on affected devices without requiring authentication. Designated as CVE-2025-2492, the vulnerability has been deemed highly severe, receiving a CVSS v4 score of 9.2. Exploitation is possible through a specially crafted request.
AiCloud is a cloud-based feature integrated into several ASUS routers, effectively transforming them into miniature servers. It allows users to remotely access files stored on USB-connected drives, stream media, synchronize data between home networks and cloud services, and share files over the internet.
The vulnerability affects a broad range of models, and the company has already released firmware updates for various series, including versions 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102. Users are strongly advised to install the latest firmware version without delay, available through the ASUS support portal or via the model search page, where comprehensive update instructions are also provided.
ASUS further recommends setting strong, unique passwords for both the wireless network and router management interface—ideally at least 10 characters in length and composed of letters, numbers, and special symbols. For devices that are no longer supported (end-of-life), users should disable AiCloud entirely and block internet access for WAN-related features such as port forwarding, DDNS, VPN, DMZ, port triggering, and FTP.
As of now, there have been no confirmed reports of in-the-wild exploitation or the existence of a publicly available exploit. However, vulnerabilities of this nature are frequently targeted for malware distribution or to conscript devices into botnets. Thus, owners of ASUS routers are urged to apply the necessary updates immediately to mitigate potential attacks.
