Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

ASUS AiCloud routers firmware patch release (CVE-2025-59366 and others)

Security Patch Release
First reported
Last updated
Happening score
H score 27
1 unique sources, 1 articles

Summary

Hide ▲

ASUS released new firmware for AiCloud-enabled routers to fix nine vulnerabilities, including CVE-2025-59366, a critical authentication bypass that can let unauthorized attackers trigger router functions. The flaw can be chained with path traversal and OS command injection in attacks that do not require user interaction. ASUS urged users to update firmware immediately and told owners of end-of-life models to disable Internet-exposed services such as WAN remote access, port forwarding, DDNS, and VPN server.

Related Happenings

Cisco security patch release for CVE-2026-20182

Security Patch Release
First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

Open Happening

Cisco security patch release for CVE-2026-20188

Security Patch Release
First: 06.05.2026 21:06 Last: 06.05.2026 21:06 Sources 1

About this happening: **Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...

Open Happening

TP-Link security patch release for CVE-2025-15517

Security Patch Release
First: 25.03.2026 13:11 Last: 25.03.2026 13:11 Sources 1

About this happening: **TP-Link** released **security updates** for its **Archer NX** router series to close a critical authentication-bypass flaw that could let attackers upload firmware without loggi...

Open Happening

Juniper Networks security patch release for CVE-2026-21902

Security Patch Release
First: 26.02.2026 18:42 Last: 26.02.2026 18:42 Sources 1

About this happening: **Juniper Networks** has released fixes for **CVE-2026-21902** in **Junos OS Evolved** on **PTX Series routers**, closing a flaw that could let an unauthenticated attacker run cod...

Open Happening

Unattributed operators campaign expands across multiple victims

Campaign
First: 19.11.2025 16:35 Last: 19.11.2025 16:35 Sources 1

About this happening: The **Operation WrtHug** campaign is hijacking **ASUS WRT routers** worldwide by exploiting **six vulnerabilities** and abusing **AiCloud**, creating a large pool of compromised d...

Open Happening

Timeline

  1. 26.11.2025 13:41 2 articles · 6mo ago

    ASUS releases firmware for AiCloud router flaws

    Mitigation Patch Update

    ASUS released new firmware to patch nine security vulnerabilities in AiCloud-enabled routers, including CVE-2025-59366, a critical authentication bypass that can be triggered by an unintended side effect of Samba and chained with path traversal and OS command injection to execute specific functions without proper authorization.

    Show sources
    Open in new tab
  2. 26.11.2025 13:41 1 articles · 6mo ago

    ASUS publishes mitigation guidance for AiCloud routers

    Technical Analysis Update

    ASUS urged owners of AiCloud-enabled routers to update to the latest firmware immediately and, for end-of-life models that will not receive updates, disable Internet-exposed services such as remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP while using strong passwords for the router administration page and wireless networks.

    Show sources
    Open in new tab