CVE-2025-2492

CRITICAL EXPLOITED

ASUS Router AiCloud - Authentication Bypass via Crafted Request

Exploitation Summary

CVE-2025-2492 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including murrez.

AI-analyzed exploit summary: This repository contains a functional Go-based exploit for CVE-2025-2492, targeting ASUS AiCloud/AsusWRT devices. The exploit chains two vulnerabilities (SETROOTCERTIFICATE and APPLYAPP) to achieve remote code execution by writing a malicious script to /etc/cert.pem.1 and executing it via RC_SERVICE.

Description

An improper authentication control vulnerability exists in AiCloud. This vulnerability can be triggered by a crafted request, potentially leading to unauthorized execution of functions. Refer to the 'ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information.

Exploits (1)

nomisec WORKING POC
by murrez · remote
https://github.com/murrez/ASUS-AiCloud-RCE

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ASUS AiCloud/AsusWRT
Authentication: No auth needed
Prerequisites: Network access to vulnerable ASUS device · Exposed ASUS AiCloud/AsusWRT service
devstral-2 · analyzed May 12, 2026

Scores

CVSS v4: 9.2
EPSS: 0.0097
EPSS Percentile: 57.1%
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: total

Details

VulnCheck KEV: 2025-11-19
CWE: CWE-288
Status: published
Products (4):
ASUS/Router 3.0.0.4_382 series
ASUS/Router 3.0.0.4_386 series
ASUS/Router 3.0.0.4_388 series
ASUS/Router 3.0.0.6_102 series
Published: Apr 18, 2025
Tracked Since: Feb 18, 2026