Auth bypass in Asus Router
CVE-2025-12003
A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Adv…
Vulnerability class: Broken Authentication
EPSS: 0.003 (54.5th percentile) — read the EPSS interpretation.
Affected products
- Asus Router — versions 3.0.0.4_386, 3.0.0.4_388, 3.0.0.6_102
Weakness classification (CWE)
References
- www.asus.com/security-advisory/ (vendor-advisory)