RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers

VulnCheck discovered that the RondoDox botnet is exploiting a critical 2018 ASUS router vulnerability (CVE-2018-5999, CVSS 9.8) by toggling the ateCommand_flag to open the router's infosvr and allow unauthenticated configuration changes; researchers confirmed they could change admin credentials and observed exploitation beginning May 17, enabling device takeover and recruitment for DDoS campaigns.