Asus router flaw leaves users' entire hard drives open to anyone on the Internet

Advertisement
By Jamshed Avari | Updated: 14 January 2014 16:58 IST
Asus router flaw leaves users' entire hard drives open to anyone on the Internet
Convenience often comes at the cost of security, as demonstrated by Asus routers that come with a feature designed to allow users to access their hard drives' contents from anywhere in the world, but actually leave those drives open to anyone with an Internet connection. First reported by Sweden's IDG.se, the vulnerability has exposed how easy it is for users to unknowingly leave themselves open to malicious attacks, identity theft, piracy, and other security risks. The problem is the direct result of Asus consciously designing its default router configuration to favour convenience over security by not requiring a strong password.

The feature in question, called AiDisk, is designed to give users access to a hard drive plugged directly into a router's USB port. The feature is supported on a number of Asus router models, some of which have been on the market for over a year. All router manufacturers offer similar functionality on certain models.

Users who choose to plug a hard drive into their router might not be aware that Asus uses standard FTP (File Transfer Protocol) to make the drive function as a server, using your router's uniquely identifiable IP address. Such servers can be detected and accessed by anyone with an Internet connection, with very little effort. The routers also broadcast their model numbers by default, further inviting anyone who is familiar with the flaw. Visitors might have a casual interest in your server's contents, or they might have malicious intent-it's only a strong password that can keep them out. Unfortunately, in an effort to make FTP sharing completely transparent to users, Asus selected a default configuration option that does not require a password at all.

News site Thehackernews.com reports that Asus has acknowledged the problem and has committed to releasing a firmware patch for the affected models that will prompt users to configure a suitable password upon activating the feature. However it's impossible to estimate what percentage of affected users will install the patch or even be aware that it exists.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. OnePlus 13 Series Gets AI-Powered Plus Mind Feature With Latest Update
  2. Vivo X200 FE Launched in India With 6,500mAh Battery, Compact Design
  3. Samsung Galaxy F36 5G to Launch Soon in India: Details
  4. Up to 70 Percent Discount on Headphones During Amazon Prime Day Sale 2025
  5. Realme 15 Pro 5G Display, Battery Details Confirmed Ahead of India Launch
  6. Samsung Galaxy S25 FE Key Specifications Leaked: All Details
  7. Nothing Phone 3 and Headphone 1 to Go on Sale in India From Today
  8. Samsung Galaxy S26+ or Galaxy S26 Edge May Get Improved Ultrawide Camera
  9. Vivo X Fold 5 Launched in India With 8.03-Inch Foldable Display
  1. Oppo K13 Turbo, K13 Turbo Pro Design, Colour Options Revealed Ahead of July 21 Launch
  2. Tesla Model Y Price in India Announced; Tesla App for iOS Available to Download
  3. iPhone 17 Components Arrive in India; Mass Production Expected to Begin in August: Report
  4. Vivo Y50 5G, Vivo Y50m 5G Appear on China Telecom Site With MediaTek Dimensity 6300 SoC, 6,000mAh Battery
  5. Google Pixel 10 Pro Fold Said to Get Larger Battery, Faster Charging and Bigger Cover Display
  6. Nothing Phone 3 and Headphone 1 Sale in India Begins Today: Price, Offers
  7. OnePlus 13 Series Update Brings Plus Mind Feature for Quickly Storing Information in Mind Space
  8. Earth’s Spin to Speed Up Briefly, Causing Shorter Days This Summer
  9. James Webb Telescope Spots Rare ‘Cosmic Owl’ Formed by Colliding Galaxies
  10. MIT Develops Low-Resource AI System to Control Soft Robots with Just One Image
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.