Asus router flaw leaves users' entire hard drives open to anyone on the Internet

Advertisement
By Jamshed Avari | Updated: 14 January 2014 16:58 IST
Asus router flaw leaves users' entire hard drives open to anyone on the Internet
Convenience often comes at the cost of security, as demonstrated by Asus routers that come with a feature designed to allow users to access their hard drives' contents from anywhere in the world, but actually leave those drives open to anyone with an Internet connection. First reported by Sweden's IDG.se, the vulnerability has exposed how easy it is for users to unknowingly leave themselves open to malicious attacks, identity theft, piracy, and other security risks. The problem is the direct result of Asus consciously designing its default router configuration to favour convenience over security by not requiring a strong password.

The feature in question, called AiDisk, is designed to give users access to a hard drive plugged directly into a router's USB port. The feature is supported on a number of Asus router models, some of which have been on the market for over a year. All router manufacturers offer similar functionality on certain models.

Users who choose to plug a hard drive into their router might not be aware that Asus uses standard FTP (File Transfer Protocol) to make the drive function as a server, using your router's uniquely identifiable IP address. Such servers can be detected and accessed by anyone with an Internet connection, with very little effort. The routers also broadcast their model numbers by default, further inviting anyone who is familiar with the flaw. Visitors might have a casual interest in your server's contents, or they might have malicious intent-it's only a strong password that can keep them out. Unfortunately, in an effort to make FTP sharing completely transparent to users, Asus selected a default configuration option that does not require a password at all.

News site Thehackernews.com reports that Asus has acknowledged the problem and has committed to releasing a firmware patch for the affected models that will prompt users to configure a suitable password upon activating the feature. However it's impossible to estimate what percentage of affected users will install the patch or even be aware that it exists.

 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Asus, Asus routers, FTP, File Transfer Protocol, Internet, Internet security, security
BSNL Champion My Phone SM3512, Champion My Phone SM3513 budget Android phones launched
HP Slate 6 Voice Tab smartphone leaked with blurred image, $200 price tag
Advertisement

Related Stories

Asus ExpertBook P3 Series With AMD Ryzen AI 7 350 Processor Launched at Computex 2025
21 May 2025
Asus Refreshes ROG Strix, ROG Zephyrus, TUF Gaming Laptops With Nvidia GeForce RTX 5060 Laptop GPU
20 May 2025
Asus ROG Strix OLED XG32U Series Gaming Monitors With Up to 480Hz Refresh Rate Announced
15 May 2025
Asus ROG Ally 2 Spotted via US FCC Listing Alongside 'Project Kennan' Xbox Handheld
7 May 2025
Asus Updates ROG Strix Scar, Strix, Zephyrus and Flow Gaming Laptop Lineups With Intel and AMD CPUs
2 May 2025

Tech News in Hindi »

More Technology News in Hindi »
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Retro OTT Release Reportedly Revealed: When and Where to Watch it Online?
  2. HP Launches OmniStudio X All-in-One PC With Intel Core Ultra 7 CPU
  3. Infinix GT 30 Pro 5G With MediaTek Dimensity 8350 Ultimate SoC Launched
  4. Google I/O 2025: Here Are All the Major AI Announcements
  5. Oppo Reno 14 Series to Arrive With Integrated Google Gemini Features
#Latest Stories
  1. Cyberpunk 2077 Sequel Will Feature a Second City in Addition to Night City, Says Series Creator
  2. Trump Memecoin Holders Set to Dine With US President, Tron Founder Justin Sun Confirms Attendance 
  3. Amazon Working on Large Foldable Device Similar to Huawei MateBook Fold Ultimate: Ming-Chi Kuo
  4. Infinix GT 30 Pro 5G With MediaTek Dimensity 8350 Ultimate SoC, 5,500mAh Battery Launched: Price, Features
  5. Google Announces SynthID Detector That Can Identify Gemini-Generated Content at Google I/O 2025
  6. Realme Buds Air 7 Pro Global Launch Set for May 27; Colours, Key Features Revealed
  7. iQOO Watch 5 With 1.43-Inch AMOLED Display and TWS Air 3 With Up to 45 Hours of Total Battery Life Launched
  8. Google Outlines Vision for Universal AI Assistant, Expands Project Astra and Project Mariner
  9. Xiaomi to Equip Premium Smartphones With Snapdragon 8-Series Chips as Part of Multi-Year Agreement
  10. Hong Kong Passes stablecoin Bill, One Step Closer to Issuance
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.