According to the Indian Computer Emergency Response Team (CERT-In), thousands of households, small offices, and service providers across the country may already be at risk due to a newly uncovered authentication bypass flaw tracked as CVE-2025-59367. India’s national cybersecurity agency has issued a security alert after identifying a severe vulnerability in several widely used Asus DSL-series WiFi routers.
The warning, published in CERT-In Vulnerability Note CIVN-2025-0322, outlines how remote attackers could infiltrate specific router models without user involvement. The affected devices include the Asus DSL-AC51, DSL-N16, and DSL-AC750, three routers that are common in home and SOHO environments relying on DSL internet connections.
CERT-In states that the flaw enables an attacker to bypass login controls and gain unrestricted access to the router’s administrative interface. Once the router is compromised, the intruder could alter configuration settings, observe or reroute internet traffic, intercept personal or financial information, or even compromise connected devices. The agency describes the risks to confidentiality, integrity, and availability as “critical.”
CVE-2025-59367 Enables Authentication Bypass and Network Compromise
In its advisory, CERT-In explains that a “vulnerability has been reported in ASUS DSL series routers that allows a remote attacker to gain unauthorized access into the affected system.” The agency notes that the issue affects the DSL-AC51, DSL-N16, and DSL-AC750 models and warns that successful exploitation could result in unauthorized access, modification of configuration parameters, access to sensitive information transmitted through the router, and compromise of connected systems.
The advisory is targeted at IT and network administrators, SOC analysts, SMB operators, home and SOHO users, and managed service providers or ISPs, highlighting the widespread nature of the vulnerability. CERT-In’s assessment reiterates that the authentication bypass flaw, identified as CVE-2025-59367, poses direct threats to data confidentiality and system integrity.
The report also details the broader context of the Asus DSL series line, explaining that these devices serve as integrated modem-router units for environments dependent on DSL connections. Because these routers often operate as central networking hubs, any breach may expose all devices and data flowing through the network.
The advisory includes a directive: “Apply appropriate security updates as mentioned in: https://www.asus.com/security-advisory.” CERT-In urges users to immediately install the firmware patches that Asus has begun releasing for the affected models. The agency also recommends that users change default passwords, disable remote management functions unless necessary, and review router security settings for any misconfigurations. Monitoring router logs for abnormalities has also been emphasized as a crucial preventive step.
Conclusion
Asus rolls out patches for the authentication bypass flaw CVE-2025-59367; CERT-In is urging all users of affected DSL-series routers to apply updates immediately. The agency has reiterated the seriousness of the vulnerability and advised users to review their router settings, update firmware through the Asus security advisory page, and remain alert to suspicious activity.
Incidents like CVE-2025-59367 show how essential it is for organizations to have reliable insight into new vulnerabilities. Cyble supports this need through detailed vulnerability intelligence, helping teams identify high-risk issues, track exploit activity, and prioritize remediation across assets and products. Its intelligence goes beyond standard CVE and NVD listings, offering context on exploits, attack methods, and threat actor discussions.
Schedule a personalized demo with Cyble to assess how its intelligence platform can support your security operations.
