Exploiting ASUS DDNS to MITM Admin Credentials on One Million Routers

Explore a critical security vulnerability affecting approximately one million ASUS routers exposed to the internet via port 8443/tcp in this 30-minute Black Hat conference talk. Delve into the research conducted by Masaki Kubo, Yoshiki Mori, and Kanta Okugawa, which reveals how the "ASUS Router App" inadvertently alters router settings, making them accessible online. Discover the man-in-the-middle (MITM) attack vulnerability identified in routers configured with ASUS's DDNS, potentially allowing theft of admin credentials. Gain insights into the implications of this security flaw and learn about the researchers' findings on exploiting ASUS DDNS to compromise router security.

One Million ASUS Routers Under Control: Exploiting ASUS DDNS to MITM Admin Credentials