CVE-2025-59370
📋 TL;DR
A command injection vulnerability in bwdpi allows authenticated remote attackers to execute arbitrary commands on affected ASUS routers. This could lead to complete device compromise, data theft, or network infiltration. Only ASUS router users with affected firmware versions are impacted.
💻 Affected Systems
- ASUS routers with bwdpi feature
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Full router compromise allowing attacker to intercept all network traffic, install persistent malware, pivot to internal networks, and use router as attack launch point.
Likely Case
Attacker gains shell access to router, modifies configurations, steals credentials, and installs backdoors for persistent access.
If Mitigated
Attack fails due to proper authentication controls, network segmentation, or updated firmware preventing command injection.
🎯 Exploit Status
Exploitation requires authenticated access; command injection vulnerabilities typically have low complexity once authentication is bypassed
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check ASUS firmware updates for your specific router model
Vendor Advisory: https://www.asus.com/security-advisory/
Restart Required: Yes
Instructions:
1. Visit ASUS support site for your router model. 2. Download latest firmware version. 3. Log into router admin interface. 4. Navigate to firmware update section. 5. Upload and install new firmware. 6. Reboot router.
🔧 Temporary Workarounds
Disable bwdpi feature
allTurn off Broadband Deep Packet Inspection feature if not required
Restrict admin access
allLimit router admin interface access to trusted IP addresses only
🧯 If You Can't Patch
- Isolate router on separate VLAN with strict firewall rules
- Implement network monitoring for unusual router traffic patterns
🔍 How to Verify
Check if Vulnerable:
Check router firmware version against ASUS security advisory; if using affected version with bwdpi enabled, assume vulnerableCheck Version:
Log into router web interface and check firmware version in System Status or Administration sectionVerify Fix Applied:
Verify firmware version matches or exceeds patched version listed in ASUS advisory📡 Detection & Monitoring
Log Indicators:
- Unusual command execution in router logs
- Multiple failed authentication attempts followed by successful login
- Unexpected configuration changes
Network Indicators:
- Unusual outbound connections from router
- Traffic patterns inconsistent with normal router operations
- DNS queries to suspicious domains from router
SIEM Query:
source="router_logs" AND (event="command_execution" OR event="config_change") AND user!="admin"