An unknown group has published a list of more than ten thousand IP addresses of Asus routers with a vulnerable FTP client. The AirCloud login service logins have also been released. The publication is said to have been made to pressure Asus to close the gaps quickly.
According to the group, which consists of eight anonymous internet users, several Asus RT series router models contain a number of security holes and default settings that have been known to the manufacturer for a long time but still have not been closed. Reference is made to a SecurityFocus posting in June in which various vulnerabilities are discussed. For example, Asus enables anonymous access by default with the option for ftp access, so that every internet user can easily read the contents of, for example, a connected hard drive. A second mistake is that the AirCloud server writes the necessary usernames and password in an unencrypted text file that can also be downloaded.
Because, according to the group, Asus would have hardly solved these problems, a torrent file has been placed online in protest with sensitive data, including almost 13,000 IP addresses that point to a vulnerable Asus router. There are also directory listings requested via the router firmware’s anonymous ftp access, as well as login data for AiCloud.
While acknowledging that publishing this data could harm the innocent, the group argues that the end justifies the means: it would be the only way to wake companies up enough to actually fix the security issues and protect the products that protect their lives. take customers seriously. However, Asus has already released firmware updates for a number of router models that would fix the cited security vulnerabilities. However, the user must take the necessary steps himself to perform the update.