CVE-2025-59371

Summary

An authentication bypass vulnerability has been identified in the IFTTT integration feature. A remote, authenticated attacker could leverage this vulnerability to potentially gain unauthorized access to the device. This vulnerability does not affect Wi-Fi 7 series models. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

Affected Software

VendorProductVersion RangeStatus
ASUSRouter3.0.0.4_386affected
ASUSRouter3.0.0.4_388affected
ASUSRouter3.0.0.6_102affected

Weaknesses

  • CWE-330: CWE-330: Use of Insufficiently Random Values

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References