CVE-2021-41435
📋 TL;DR
This vulnerability allows remote attackers to bypass CAPTCHA-based brute-force protection on affected ASUS routers, enabling unlimited login attempts. Attackers can exploit this to guess credentials and gain unauthorized access to router administration interfaces. All users of listed ASUS router models running vulnerable firmware versions are affected.
💻 Affected Systems
- ASUS ROG Rapture GT-AX11000
- RT-AX3000
- RT-AX55
- RT-AX56U
- RT-AX56U_V2
- RT-AX58U
- RT-AX82U
- RT-AX82U GUNDAM EDITION
- RT-AX86 Series (RT-AX86U/RT-AX86S)
- RT-AX86U ZAKU II EDITION
- RT-AX88U
- RT-AX92U
- TUF Gaming AX3000
- TUF Gaming AX5400 (TUF-AX5400)
- ASUS ZenWiFi XD6
- ASUS ZenWiFi AX (XT8)
- RT-AX68U
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of router administration, allowing attacker to change network settings, intercept traffic, install malware, or pivot to internal network devices.
Likely Case
Unauthorized access to router admin panel leading to network configuration changes, DNS hijacking, or credential theft for connected devices.
If Mitigated
Limited impact if strong unique admin passwords are used, but still exposes router to brute-force attacks.
🎯 Exploit Status
Exploitation requires sending specific HTTP requests to bypass CAPTCHA, which is trivial for attackers with basic networking knowledge.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 3.0.0.4.386.45898 for most models, 3.0.0.4.386.45911 for RT-AX68U
Vendor Advisory: https://www.asus.com/support/
Restart Required: Yes
Instructions:
1. Log into router admin panel. 2. Navigate to Administration > Firmware Upgrade. 3. Check for updates or manually download from ASUS support site. 4. Upload and install latest firmware. 5. Reboot router after installation.
🔧 Temporary Workarounds
Disable Remote Administration
allPrevent external access to router admin interface
Change Admin Password
allUse strong, unique password to reduce brute-force success probability
🧯 If You Can't Patch
- Disable web administration interface entirely if not needed
- Implement network-level firewall rules to block access to router admin port (typically 80/443)
🔍 How to Verify
Check if Vulnerable:
Check firmware version in router admin panel under Administration > Firmware UpgradeCheck Version:
No CLI command - check via web interface or curl http://router-ip/versionVerify Fix Applied:
Confirm firmware version is 3.0.0.4.386.45898 or higher (3.0.0.4.386.45911 for RT-AX68U)📡 Detection & Monitoring
Log Indicators:
- Multiple failed login attempts from same IP without CAPTCHA challenges
- Successful logins after many failed attempts
Network Indicators:
- HTTP POST requests to login endpoints without CAPTCHA parameters
- Unusual traffic patterns to router admin port
SIEM Query:
source="router_logs" (event="login_failed" OR event="login_success") | stats count by src_ip, user | where count > 10🔗 References
- http://asus.com
- https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios
- https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/
- https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/
- https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/
- https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/
- https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/
- https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/
- http://asus.com
- https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios
- https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/
- https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/
- https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/
- https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/
- https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/
- https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/
