There is now an update available for an Asus router that has an authentication bypass vulnerability found earlier this summer.
The vulnerability is in Asus’ RT-N10E brand of routers, sold primarily in Europe, China and South America. Asus is a Taiwanese electronics company.
The problem is once an attacker gains access to the device, they can make their way to a certain website and learn the device configuration without entering log-in credentials, said the a passage on Carnegie Mellon’s CERT Vulnerability Notes Database.
The vulnerability (CVE-2013-3610) allows attackers to view information – including the device’s administrator password – that should only be viewable to authenticated users, by being on the local area network.
Firmware update 184.108.40.206 fixes the vulnerable versions, 220.127.116.11 and earlier and also addresses two other, unrelated issues involving an “abnormal disconnection” and a problem with “IPTV connection stability after PPPoE reconnect.”