← back
CVE-2021-32030

CVE-2021-32030

CVSS 9.8 CRITICALEPSS 99.4%● KEVCWE-287
In short

ASUS GT-AC2900 and Lyra Mini routers have a critical flaw that allows attackers to bypass login authentication and access the administrator interface without credentials. An attacker can exploit this by sending specially crafted requests, potentially taking full control of the device.

Technical detail

Authentication bypass vulnerability in httpd.c and web_hook.o due to improper null-byte handling in auth_check logic. An unauthenticated remote attacker can match the default null-byte value to bypass authentication checks, gaining unauthorized access to the admin interface with CRITICAL impact (CVSS 9.8). Mitigation: disable WAN remote access or update to patched firmware version 3.0.0.4.386.42643 (GT-AC2900) or 3.0.0.4_384_46630 (Lyra Mini).

Summary generated and translated by AI from the official description.
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 and Lyra Mini before 3.0.0.4_384_46630 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\0' matches the device's default value of '\0' in some situations. Note: All versions of Lyra Mini and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability, Consumers can mitigate this vulnerability by disabling the remote access features from WAN.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/atredispartners/advisories/blob/master/ATREDIS-2020-0010.mdhttps://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-Gaming-Routers/RT-AC2900/HelpDesk_BIOS/https://www.asus.com/us/supportonly/lyra%20mini/helpdesk_bios/https://www.atredis.com/blog/2021/4/30/asus-authentication-bypasshttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-32030