Information disclosure in ASUS Routers

Published: 2023-06-09 | Updated: 2023-06-20

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2023-31195
CWE-ID	CWE-614
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	RT-AX3000 Hardware solutions / Routers & switches, VoIP, GSM, etc GT6 Hardware solutions / Routers & switches, VoIP, GSM, etc GT-AXE16000 Hardware solutions / Routers & switches, VoIP, GSM, etc GT-AXE11000 PRO Hardware solutions / Routers & switches, VoIP, GSM, etc GT-AXE11000 Hardware solutions / Routers & switches, VoIP, GSM, etc GT-AX6000 Hardware solutions / Routers & switches, VoIP, GSM, etc GT-AX11000 Hardware solutions / Routers & switches, VoIP, GSM, etc GS-AX5400 Hardware solutions / Routers & switches, VoIP, GSM, etc GS-AX3000 Hardware solutions / Routers & switches, VoIP, GSM, etc ZenWiFi XT9 Hardware solutions / Routers & switches, VoIP, GSM, etc ZenWiFi XT8 Hardware solutions / Routers & switches, VoIP, GSM, etc ZenWiFi XT8_V2 Hardware solutions / Routers & switches, VoIP, GSM, etc RT-AX86U PRO Hardware solutions / Routers & switches, VoIP, GSM, etc RT-AX86U Hardware solutions / Routers & switches, VoIP, GSM, etc RT-AX86S Hardware solutions / Routers & switches, VoIP, GSM, etc RT-AX82U Hardware solutions / Routers & switches, VoIP, GSM, etc RT-AX58U Hardware solutions / Routers & switches, VoIP, GSM, etc TUF-AX6000 Hardware solutions / Routers & switches, VoIP, GSM, etc TUF-AX5400 Hardware solutions / Routers & switches, VoIP, GSM, etc
Vendor

Security Bulletin

This security bulletin contains information about 1 vulnerabilities.

Updated 20.06.2023

Added vulnerable products.

1) Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

EUVDB-ID: #VU77113

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-31195

CWE-ID: CWE-614 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected application uses sensitive cookies without "Secure" attribute. A remote attacker can perform a man-in-the-middle attack and gain access to sensitive cookies.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

RT-AX3000: before 3.0.0.4.388.23403

GT6: before 3.0.0.4.388.23145

GT-AXE16000: before 3.0.0.4.388.23012

GT-AXE11000 PRO: before 3.0.0.4.388.23285

GT-AXE11000: before 3.0.0.4.388.23482

GT-AX6000: before 3.0.0.4.388.23285

GT-AX11000: before 3.0.0.4.388.23285

GS-AX5400: before 3.0.0.4.388.23012

GS-AX3000: before 1.4.8.3

ZenWiFi XT9: before 3.0.0.4.388.23285

ZenWiFi XT8: before 3.0.0.4.388.23285

ZenWiFi XT8_V2: before 3.0.0.4.388.23285

RT-AX86U PRO: before 3.0.0.4.388.23285

RT-AX86U: before 3.0.0.4.388.23285

RT-AX86S: before 3.0.0.4.388.23285

RT-AX82U: before 3.0.0.4.388.23285

RT-AX58U: before 3.0.0.4.388.23403

TUF-AX6000: before 3.0.0.4.388.31927

TUF-AX5400: before 3.0.0.4.388.23285

External links

http://jvn.jp/en/jp/JVN34232595/index.html
http://www.hkcert.org/security-bulletin/asus-router-multiple-vulnerabilities_20230620
http://www.asus.com/content/asus-product-security-advisory/#06/19/2023

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.