RT-AX86U Pro
BIOS & FIRMWARE
- Driver & Tools
- BIOS & FIRMWARE
Fixed injection vulnerability.
Please unzip the firmware file, and then verify the checksum.
SHA256:
9c64510b996722715b8d6711e3101cd1a3aa8063a7029f411cab195ec0ec07f1
Fixed IPV6 connection issue.
Please unzip the firmware file, and then verify the checksum.
SHA256: 1b7025b992efef0a4b370828e8622a6c8c7ddd5a11ed8fe9d5f7f6c3b4d00c91
New features for ASUSWRT 5.0
-Kids' Wi-Fi: Create a separate network specifically for children, complete with scheduled controls. This is suitable for children who use multiple network devices that have enabled the randomized MAC address function and are not easily recognized.
-VPN WiFi: Create a VPN network that connects to 3rd party VPN services or with ASUS site to site -VPN(https://www.asus.com/support/FAQ/1048281/) to encrypts your internet connection and hides your IP address to protect your online activities from being tracked or monitored.
-IoT WiFi : Create an 2.4G spearate network for IoT (Internet of Things) devices.
Guest WiFi: Create a guest network with a WiFi schedule and access rights to control when and how guests can use the network.
-VLAN, allow you to segment a network into smaller, virtual sub-networks, which can be used to isolate traffic, please refer to https://www.asus.com/support/FAQ/1049415/
-Multi-services WAN, create multiple profiles on a single WAN interface. (https://asus.com/support/FAQ/1050072)
-Port isolation and AP isolation to restrict device access to each other.
Bug Fixes and Enhancements:
- Fixed an issue where the RE product ID was not being updated in the AiMesh topology.
- Corrected a display issue in the OpenVPN server that prevented IPv6 settings from showing correctly.
- Fixed a persistent GUI issue on 'Let's Encrypt Authorization' that displayed 'Authorization' incorrectly.
- Added DS-Lite Support.
Security updates:
- Addressed CVE-2023-48795 by updating the dropbear SSH server.
- Applied patches for CVE-2023-5678 & CVE-2024-0727
- Improved security in OpenVPN custom configuration.
Please unzip the firmware file, and then verify the checksum.
SHA256: 00cb94cc36d75105b61b5f03571e8dbc11fc245a9f776679efe7ad20e9c395d8
Bug Fixes and Enhancements:
- Resolved guest network connectivity issues on AiMesh nodes by disabling guest network internal access.
Please unzip the firmware file, and then verify the checksum.
SHA256: 3579dd4b546138beb7a1cf044fbe957c7a8a80abd5f547353d331c1f1789df06
Bug Fixes and Enhancements:
- Fixed WAN connection issues.
- Fixed v6plus related issues.
- Added OCN support.
- Resolved an issue that caused hostname errors in the DDNS service.
- Resolved OpenVPN server TAP mode issue.
- Fixed the problem that the AiCloud app cannot add router on Android 9.
- Ensured consistent display of client status on the WireGuard server.
- Enhanced system stability when accessing the WireGuard server with DMZ enabled.
- Improved stability when enabling or disabling the WireGuard server.
- Optimized memory utilization and fixed an occasional server error when registering DDNS with an app.
- Corrected a bug encountered when adding a rule to the network services filter.
Security Fixes:
- Fixed several curl vulnerabilities.
- Fixed OpenSSL vulnerabilities.
- Upgraded to the latest dropbear version.
- Fixed a stack overflow vulnerability.
Please unzip the firmware file, and then verify the checksum.
SHA256: 4d84b42366d815a0d9c2a25a8a45420495e551bcaec4c7ebd23127693209f04c
Bug Fixes and Enhancements
- NowTV profile has been added under new IPTV profiles.
- IPTV settings have been updated for better compatibility with Unifi Biz VoIP service.
- Fixed a GUI bug that occurred when adding port range rules in the Network Service Filter.
- Resolved an issue that caused hostname errors in the DDNS service.
Security Fixes
- Fixed several curl vulnerabilities including CVE-2023-28322, CVE-2023-28321, and CVE-2023-28319.
- Fixed FFmpeg vulnerabilities, specifically CVE-2022-3964, CVE-2022-48434, and CVE-2022-3109.
- Corrected an OpenVPN vulnerability categorized as CWE-134.
- Fixed the Hostap vulnerability CVE-2019-10064.
- Patched a command injection vulnerability to improve overall security.
- Strengthened protection against SSH brute force attacks.
Please unzip the firmware file, and then verify the checksum.
SHA256: a79016a3bf2c7c52e73b47d17937327048287c6dc1e6887eebf15f79140aec34
ASUS RT-AX86U Pro will qualify for the ‘Engineered for Intel® Evo™’ designation only when used with firmware version 3.0.0.4.388.23285 or greater. Please download that update to ensure the best experience in compatibility and performance. After Firmware upgrade, please do factory reset to apply the changes.
New features:
-Built-in Surfshark in VPN Fusion allows you to surf the internet anonymously and securely from anywhere by encrypting connections. Please refer to https://asus.click/SurfsharkVPN
-iPhone/Android USB auto backup WAN allows you to connect your phone to the router’s USB port and use it as an internet source. Please refer to https://asus.click/AutobackupWAN
-DDNS transfer allows you to transfer your ASUS DDNS hostname from your original router to the new one. Please refer to https://asus.click/ASUSDDNS
Bug fixes and functionality modifications:
-Resolved the issue with login and password changes.
-Resolved the IPSec VPN connection issues.
-Resolved the Instant Guard connection issues.
-Fixed the AiCloud login issue after unplugging and plugging the HDD into the USB port.
-Fixed the issue where Traffic Analyzer sometimes couldn't record data.
-Fixed the time display issue for the preferred upgrade time in the Auto Firmware Upgrade function.
-Fine-tuned the description for port status.
-Enabled DynDNS and No-IP DDNS to use IPv6.
-Fixed AiMesh preferred AP identification in site survey results.
-Updated timezone list for Greenland, Mexico, and Iran.
-Modified the USB application option text in dual WAN.
-Allowed WireGuard Server clients to access the Samba server.
-Fixed memory leak issue.
-Enabled the failback function when using the iOS/Android USB backup WAN.
-The ARP response issue has been resolved, along with the connection issue between the router and the ROG Phone 6 and 7.
-Resolved the issue where the USB path is not displayed on the Media Server page in the AiMesh node
Security updates:
-Enabled and supported ECDSA certificates for Let's Encrypt.
-Enhanced protection for credentials.
-Enhanced protection for OTA firmware updates.
-Fixed DoS vulnerabilities in firewall configuration pages. Thanks to Jinghe Gao's contribution.
-Fixed DoS vulerabilities in httpd. Thanks to Howard McGreehan.
-Fixed information disclosure vulnerability. Thanks to Junxu (Hillstone Network Security Research Institute) contribution.
-Fixed CVE-2023-28702 and CVE-2023-28703. Thanks to Xingyu Xu(@tmotfl) contribution.
-Fixed null pointer dereference vulnerabilities. Thanks to Chengfeng Ye, Prism Research Group - cse hkust contribution.
-Fixed the cfg server vulnerability. Thanks to Swing and Wang Duo from Chaitin Security Research Lab.
-Fixed the vulnerability in the logmessage function. Thanks to Swing and Wang Duo from Chaitin Security Research Lab C0ss4ck from Bytedance Wuheng Lab, Feixincheng from X1cT34m.
Please unzip the firmware file, and then verify the checksum.
SHA256: 1039ed080c7970190ca7662b6f6ce1de3a8acd66cc1d16f90060e41ffa68fa1d
Be noted: This is an early stage beta, there might be bugs. This version can be downgraded via web GUI only.
1. Recap new features of 3.0.0.6.102: Guest network Pro(SDN), VLAN, Auto USB WAN backup, iPhone tethering, Multi-services WAN.
2. Re-defined VLAN, supports Trunk, Access mode with VLAN-only-network.
3. Synchronize Guest network pro (SDN) with VLAN, create/delete new VLAN-only-network will create/delete a new profile in Guest network as well.
4. Port isolation and AP isolation to restrict device access to each other.
5. Re-defined multi-service WAN, disable it by default.
6. Add surfshark VPN in VPN fusion.
Please unzip the firmware file first then check the MD5 code.
MD5: 05dd93347b4347a91f4b3967dc03cac5
1.Fixed CVE-2022-46871
2.Fixed Client DOM Stored XSS.
3.Improved AiMesh backhaul stability.
4.Fixed AiMesh topology UI bugs.
5.Fixed the reboot issue when assigning specific clients in VPN fusion.
6.Fixed the VPN fusion bug when importing the Surfshark WireGuard conf file.
7.Fixed network map bugs.
Please unzip the firmware file first then check the MD5 code.
MD5: 98a5d371aa396ec2c5005588e06dce5a
1. Fixed multi-language GUI bugs
2. Improved system stability
Please unzip the firmware file first then check the MD5 code.
MD5: 16c418ec546c38c7e38318f4470d77e7
Be noted: This is an early stage beta, there might be bugs. This version can be downgraded via web GUI only.
New Features:
1. Add Guest Network Pro:
• Kids WiFi: Create a network for kids that blocks access to adult content and has a schedule to control when the network is available.
• VPN WiFi: Create a VPN network that connects to 3rd party VPN services or with ASUS site to site VPN(https://www.asus.com/support/FAQ/1048281/) to encrypts your internet connection and hides your IP address to protect your online activities from being tracked or monitored.
• IoT WiFi : Create an IoT (Internet of Things) network that blocks malicious traffic* and only allows 2.4GHz devices to connect.
• Guest WiFi: Create a guest network with a WiFi schedule and access rights to control when and how guests can use the network.
2. Add VLAN in LAN settings.
3. Add Auto USB WAN backup, while primary WAN is down, plug USB phone/dongle will auto enable backup internet, no setup is required.
4. Add iPhone USB tethering. (Please make sure hotspot on iPhone is enabled).
5. Add Multi-services WAN, create multiple profiles on a single WAN interface.
Please unzip the firmware file first then check the MD5 code.
MD5: 94b4d1ea9b751ba676442522f749b0de
1. Fixed 2.5G port cannot be set as Ethernet backhaul.
2. Fixed Time machine related issues.
Please unzip the firmware file first then check the MD5 code.
MD5: feeab6522a625aef66837d541915aec
- Fixed LED issues.
Please unzip the firmware file first then check the MD5 code.
MD5: 87ab804d171b4a3239aac832f68712c6
Initial firmware release
Please unzip the firmware file first then check the MD5 code.
MD5: 1df477d02c2eb9be7fedff03100a89f8