The bug may be present in all current versions of the router firmware. The culprit is a service called infosvr, which is designed to help admins find and configure routers on a network segment. The bug lies in a block of code related to the processPacket function. The most effective workaround for the bug is to disable the infosVR process, which can be done by killing the process each time the router is booted. The best defense is to remove the remote command execution function from the vulnerable service.
Source: https://threatpost.com/root-command-execution-flaw-haunts-asus-routers/110276/