CVE-2025-59369 identifies a SQL injection vulnerability in the bwdpi component of ASUS routers running firmware versions 3.0.0.4_386, 3.0.0.4_388, and 3.0.0.6_102. The vulnerability arises from improper neutralization of special elements in SQL commands, classified under CWE-89. An attacker with authenticated remote access can inject malicious SQL queries, potentially extracting or manipulating sensitive data stored in the router's backend database. The attack vector requires high privileges (authenticated user) but no user interaction beyond authentication. The vulnerability does not extend to impacting the router’s availability or integrity of the firmware itself but compromises confidentiality of stored data. The CVSS 4.0 score is 5.9 (medium), reflecting network attack vector, low attack complexity, and high impact on confidentiality. No public exploits have been reported, and ASUS has published a security advisory recommending firmware updates. The vulnerability highlights the risk of insufficient input validation in embedded device management interfaces, which can be exploited to escalate access or gather intelligence for further attacks.

For European organizations, this vulnerability poses a risk primarily to the confidentiality of data stored within affected ASUS routers, such as configuration details, logs, or user credentials. Unauthorized data access could facilitate further lateral movement or targeted attacks within corporate or critical infrastructure networks. Although the vulnerability requires authenticated access, compromised credentials or weak administrative controls could enable exploitation. The impact on availability and integrity is minimal, but data leakage could undermine trust and compliance with data protection regulations like GDPR. Organizations relying on ASUS routers in sensitive environments or with remote management enabled are at higher risk. The absence of known exploits reduces immediate threat but does not eliminate the risk of future attacks. Failure to patch could expose European entities to espionage, data theft, or network reconnaissance activities.

European organizations should immediately verify if their ASUS routers run the affected firmware versions (3.0.0.4_386, 3.0.0.4_388, 3.0.0.6_102) and apply the latest firmware updates provided by ASUS as per their security advisory. Network administrators must restrict remote administrative access to trusted IP addresses or VPNs and enforce strong authentication mechanisms, including multi-factor authentication where possible. Regularly audit router user accounts and credentials to prevent unauthorized access. Implement network segmentation to isolate router management interfaces from general user networks. Monitor router logs for unusual SQL query patterns or authentication anomalies indicative of exploitation attempts. Additionally, consider disabling unnecessary services or features like bwdpi if not required. Maintain an inventory of network devices to ensure timely patch management and vulnerability assessment.