Overview
A command injection vulnerability, identified as CVE-2025-59370, has been discovered in the bwdpi component of certain ASUS routers. This vulnerability could allow a remote, authenticated attacker to execute arbitrary commands on the affected device. Successful exploitation of this vulnerability could lead to the device executing unintended instructions, potentially compromising the entire network.
Technical Details
CVE-2025-59370 is a command injection vulnerability present within the bwdpi component of ASUS router firmware. While specific details on the vulnerable code section are not publicly available, the nature of command injection vulnerabilities implies that user-supplied input is not properly sanitized before being used in a system command. An authenticated attacker, meaning someone who has already gained access to the router’s administrative interface (likely through stolen credentials or another vulnerability), can inject malicious commands that will be executed with the privileges of the bwdpi process. This can allow the attacker to gain full control over the device, install malware, or exfiltrate sensitive data.
Further analysis of the ASUS Security Advisory and firmware updates is recommended to fully understand the attack vector and impacted models.
CVSS Analysis
Currently, a CVSS score is not available for CVE-2025-59370. However, due to the potential for remote command execution, this vulnerability should be considered high risk. The absence of a CVSS score does not diminish the severity of the issue. It is advisable to address this vulnerability promptly, especially considering the potential for complete device compromise.
Possible Impact
The potential impact of CVE-2025-59370 is significant:
- Remote Command Execution: Attackers can execute arbitrary commands on the affected router.
- Device Compromise: Full control of the router can be gained, allowing attackers to modify configurations, install backdoors, or use the router as part of a botnet.
- Data Breach: Sensitive data transmitted through the router could be intercepted or exfiltrated.
- Network Disruption: Attackers could disrupt network services or redirect traffic to malicious sites.
Mitigation or Patch Steps
To mitigate the risk associated with CVE-2025-59370, the following steps are recommended:
- Update Firmware: Immediately update your ASUS router’s firmware to the latest version. Refer to the ASUS Security Advisory for the appropriate firmware update for your specific model.
- Change Default Credentials: Ensure that the default administrator username and password have been changed to strong, unique credentials.
- Disable Remote Management: If remote management is not required, disable it in the router’s settings.
- Enable Firewall: Verify that the router’s firewall is enabled and properly configured.
- Monitor Network Traffic: Monitor network traffic for any unusual activity.
