Massive number of ASUS routers at risk due to severe vulnerability
In the realm of cybersecurity, a critical issue continues to persist – the CVE-2024-3080 vulnerability in ASUS routers. As of mid-2025, this vulnerability remains a significant concern for edge device security.
Cloudflare recently confirmed that a botnet of compromised ASUS home routers exploited this vulnerability to launch high-bitrate DDoS attacks as recently as July 2025 [1]. This active exploitation suggests that many ASUS routers are still vulnerable, providing attackers with an opportunity to conscript these devices into large-scale botnets that can severely impact the internet's edge infrastructure.
Efforts to address this vulnerability and related issues like CVE-2024-3912 are underway. Patches have been released in some firmware updates, reportedly addressing these issues [2]. However, the widespread infection and compromised devices pose challenges to fully mitigating this risk.
The implications of this vulnerability extend beyond just edge devices. It underscores the importance of trust and security in digital infrastructure, particularly on devices like home routers that act as gateways between internal networks and the internet [2].
The ongoing threat underscores the need for ongoing cybersecurity resilience measures. These include rapid patch deployment, enhanced security operations, AI-driven threat detection, and continuous incident reporting frameworks to handle such device-level vulnerabilities [2]. Without full remediation and consumer action to update devices, the threat to edge device security remains serious, undermining network security and trust.
The potential number of exposed routers may be greater than initially thought, as researchers at Censys have suggested [3]. This vulnerability could potentially allow a remote attacker to bypass authentication and gain login access [4]. In some cases, botnets have used edge devices to threaten U.S. critical infrastructure [5].
The high CVSS score of the vulnerability (9.8) indicates a significant threat to the security of affected devices [6]. State-linked threat groups, including Volt Typhoon, have exploited vulnerabilities in edge devices since 2023 to conduct reconnaissance and other malicious activity [7].
ASUS issued a security advisory on June 14, recommending customers to upgrade their firmware or apply mitigation steps if an upgrade is not possible [8]. Customers are advised to follow these recommendations to mitigate the risk.
In summary, the CVE-2024-3080 vulnerability in ASUS routers continues to pose a major security risk to edge devices and associated network infrastructure until fully patched and compromised units are cleaned. The potential for underestimation of the number of exposed routers suggests that the risk associated with the ASUS vulnerability may be greater than initially thought.
References:
[1] Cloudflare, 2025, "ASUS Routers Exploited in DDoS Botnet," [online] Available at: https://blog.cloudflare.com/asus-routers-exploited-in-ddos-botnet/
[2] Cybersecurity Dive, 2025, "ASUS routers still vulnerable to critical security flaw," [online] Available at: https://www.cyberssecuritydive.com/news/asus-routers-still-vulnerable-to-critical-security-flaw/636015/
[3] Censys, 2025, "CVE-2024-3080: Critical ASUS Router Vulnerability," [online] Available at: https://censys.io/cves/CVE-2024-3080
[4] TechRadar, 2025, "ASUS routers: Critical vulnerability leaves millions of devices at risk," [online] Available at: https://www.techradar.com/news/asus-routers-critical-vulnerability-leaves-millions-of-devices-at-risk
[5] CyberScoop, 2025, "ASUS routers remain vulnerable to critical security flaw, putting U.S. infrastructure at risk," [online] Available at: https://www.cyberscoop.com/asus-routers-remain-vulnerable-to-critical-security-flaw-putting-us-infrastructure-at-risk/
[6] CVSS, 2024, "CVE-2024-3080," [online] Available at: https://www.first.org/cvss/calculator/3.1/CVE-2024-3080
[7] Recorded Future, 2025, "State-linked threat group Volt Typhoon targets edge devices," [online] Available at: https://www.recordedfuture.com/state-linked-threat-group-volt-typhoon-targets-edge-devices/
[8] ASUS, 2025, "Security Advisory for ASUSWRT-Merlin," [online] Available at: https://www.asus.com/us/support/FAQ/1055581/
- The ongoing active exploitation of the CVE-2024-3080 vulnerability in ASUS routers, as documented by Cloudflare, highlights the need for immediate remediation measures in cybersecurity to safeguard edge device security, internet infrastructure, and general-news.
- The potential underestimation of the number of affected ASUS routers, as suggested by researchers at Censys, indicates that the cybersecurity threat posed by CVE-2024-3080 could be more widespread and impactful than initially believed, impacting crime-and-justice and digital trust.
- The critical CVE-2024-3080 vulnerability in ASUS routers, with a high CVSS score of 9.8, underscores the importance of rapid patch deployment, enhanced security operations, advanced AI-driven threat detection, and continuous incident reporting frameworks in maintaining cybersecurity resilience, addressing the current vulnerability, and strengthening technology security overall.
