RT-AX58U
BIOS & FIRMWARE
- Driver & Tools
- BIOS & FIRMWARE
1. Optimized memory management mechanisms, improving system efficiency and stability.
2. Strengthened input validation and data processing workflows, further protecting your information security.
3. Improved web rendering engine, enhancing browsing experience and security.
4. Enhanced security of system command processing to guard against potential malicious operations.
5. Perfected JavaScript-related security mechanisms, offering a more secure web interaction environment.
Please unzip the firmware file, and then verify the checksum.
SHA256: 693651ab7d180163095a1ef530d2c1f0929d9d977e9215920678537217a3c016
Bug Fixes and Enhancements:
- Improved AiMesh backhaul stability.
- Resolved the issue with login and password changes.
- Enabled WireGuard Server clients to access the Samba server.
- Enabled the failback function when using the iOS/Android USB backup WAN.
- Improved Wireguard performance.
- Enabled DynDNS and No-IP DDNS to use IPv6.
- Improved memory utilization and fixed an occasional server error when registering DDNS with an app.
- Modified the USB application option text in dual WAN.
- Added DS-Lite Support.
- Fixed ipv6 network service filter issues
- Fixed the IPsec VPN compatibility issue with Win10.
- Fixed the reboot issue when assigning specific clients in VPN fusion.
- Fixed the time display issue for the preferred upgrade time in the Auto Firmware Upgrade function.
- Resolved the IPSec VPN and Instant Guard connection issues.
- Resolved an issue that caused hostname errors in the DDNS service.
Security updates:
- Enabled and supported ECDSA certificates for Let's Encrypt.
- Enhanced protection for credentials.
- Enhanced protection for OTA firmware updates.
- Enhanced protection against SSH brute force attacks.
- Fixed several curl vulnerabilities.
- Fixed command injection vulnerability.
- Fixed the ARP poisoning vulnerability.
- Fixed code execution in custom OVPN.
- Fixed the injection vulnerability in AiCloud.
- Fixed stack buffer overflow in lighttpd.
- Fixed CVE-2023-35720
- Fixed the code execution vulnerability in AiCloud.
- Fixed the XSS and Self-reflected HTML injection vulnerability.
- Fixed CVE-2024-3079 and CVE-2024-3080. Thanks to the contribution of swing from Chaitin Security Research Lab.
Please unzip the firmware file, and then verify the checksum.
SHA256: fee17ca598d3540791077c1bb729c084ff4483325f319078d87614708739b4ed
Bug fixes and function modifications:
-Fixed v6plus-Related Issues and Added OCN Support.
-Resolved OpenVPN Server TAP Mode Issue.
-Fixed the problem that the Aicloud app cannot add router on Android 9.
Security updates
-Corrected an OpenVPN vulnerability categorized as CWE-134.
-Fixed several curl vulnerabilities including CVE-2023-28322, CVE-2023-28321, and CVE-2023-28319.
Please unzip the firmware file, and then verify the checksum.
SHA256: d13cd7ad409a9e7333d44efd319052a994b8bd9185f1877418cf19de955956af
Bug Fixes and Enhancements
- NowTV profile has been added under new IPTV profiles.
- IPTV settings have been updated for better compatibility with Unifi Biz VoIP service.
- Fixed a GUI bug that occurred when adding port range rules in the Network Service Filter.
- Resolved an issue that caused hostname errors in the DDNS service.
Security Fixes
- Fixed several curl vulnerabilities including CVE-2023-28322, CVE-2023-28321, and CVE-2023-28319.
- Fixed FFmpeg vulnerabilities, specifically CVE-2022-3964, CVE-2022-48434, and CVE-2022-3109.
- Corrected an OpenVPN vulnerability categorized as CWE-134.
- Fixed the Hostap vulnerability CVE-2019-10064.
- Patched several command injection vulnerabilities. Thanks to Jincheng Wang from X1cT34m Laboratory of Nanjing University of Posts and Telecommunications
- Strengthened protection against SSH brute force attacks.
Please unzip the firmware file, and then verify the checksum.
SHA256: a75c52f617b4f0b22b8a78cbb1624c308c86f1d40d89efa65d6ab1e8af61ca39
New features:
-Built-in Surfshark in VPN Fusion allows you to surf the internet anonymously and securely from anywhere by encrypting connections. Please refer to https://asus.click/SurfsharkVPN
-iPhone/Android USB auto backup WAN allows you to connect your phone to the router’s USB port and use it as an internet source. Please refer to https://asus.click/AutobackupWAN
-DDNS transfer allows you to transfer your ASUS DDNS hostname from your original router to the new one. Please refer to https://asus.click/ASUSDDNS
Bug fixes and functionality modifications:
-Resolved the issue with login and password changes.
-Resolved the IPSec VPN connection issues.
-Resolved the Instant Guard connection issues.
-Fixed the AiCloud login issue after unplugging and plugging the HDD into the USB port.
-Fixed the issue where Traffic Analyzer sometimes couldn't record data.
-Fixed the time display issue for the preferred upgrade time in the Auto Firmware Upgrade function.
-Fine-tuned the description for port status.
-Enabled DynDNS and No-IP DDNS to use IPv6.
-Fixed AiMesh preferred AP identification in site survey results.
-Updated timezone list for Greenland, Mexico, and Iran.
-Modified the USB application option text in dual WAN.
-Allowed WireGuard Server clients to access the Samba server.
-Fixed memory leak issue.
-Enabled the failback function when using the iOS/Android USB backup WAN.
-The ARP response issue has been resolved, along with the connection issue between the router and the ROG Phone 6 and 7.
-Resolved the issue where the USB path is not displayed on the Media Server page in the AiMesh node
Security updates:
-Enabled and supported ECDSA certificates for Let's Encrypt.
-Enhanced protection for credentials.
-Enhanced protection for OTA firmware updates.
-Fixed DoS vulnerabilities in firewall configuration pages. Thanks to Jinghe Gao's contribution.
-Fixed DoS vulerabilities in httpd. Thanks to Howard McGreehan.
-Fixed information disclosure vulnerability. Thanks to Junxu (Hillstone Network Security Research Institute) contribution.
-Fixed CVE-2023-28702 and CVE-2023-28703. Thanks to Xingyu Xu(@tmotfl) contribution.
-Fixed null pointer dereference vulnerabilities. Thanks to Chengfeng Ye, Prism Research Group - cse hkust contribution.
-Fixed the cfg server vulnerability. Thanks to Swing and Wang Duo from Chaitin Security Research Lab.
-Fixed the vulnerability in the logmessage function CVE-2023-35086/ CVE-2023-35087. Thanks to Swing and Wang Duo from Chaitin Security Research Lab C0ss4ck from Bytedance Wuheng Lab, Feixincheng from X1cT34m.
- Fixed CVE-2023-31195
Please unzip the firmware file, and then verify the checksum.
SHA256: 5975e675481949dd7a9a29e3e3cb9f3fdd1aa7e757f1fef1f4e40073dee843fe
1.Fixed CVE-2022-46871
2.Fixed Client DOM Stored XSS.
3.Improved AiMesh backhaul stability.
4.Fixed AiMesh topology UI bugs.
5.Fixed the reboot issue when assigning specific clients in VPN fusion.
6.Fixed the VPN fusion bug when importing the Surfshark WireGuard conf file.
7.Fixed network map bugs.
Please unzip the firmware file first then check the MD5 code.
MD5: 5532bb77bc2afc51c85b76bb7d4f3f1a
1. Supported WireGuard VPN server and client.
2. Supported VPN fusion. It can easily achieve VPN connection to network devices like Smart TV, Game consoles and without installing the VPN client software.
3. Supported new devices connection notification.
4. Supported connection diagnostic on the ASUS router app.
5. Supported Instant Guard 2.0 which helps easily invite family or friends to join the VPN connection.
6. Upgraded parental control and added reward, new scheduler for flexible setting
7. Fixed USB icon issue in port status.
8. Fixed HTTP response splitting vulnerability. Thanks to Efstratios Chatzoglou, University of the Aegean.
9. Fixed status page HTML vulnerability. Thanks to David Ward.
10. Fixed CVE-2018-1160. Thanks to Steven Sroba.
11. Fixed cfg_server security issue.
Please unzip the firmware file first then check the MD5 code.
MD5: cae183e7cb66cb79af55dc6295be2fe1
1. Fixed CVE-2022-23970, CVE-2022-23971, CVE-2022-23972, CVE-2022-23973, CVE-2022-25595, CVE-2022-25596, CVE-2022-25597, CVE-2022-26376,CVE-2021-34174, CVE-2022-26376,CVE-2022-0778
2. Fixed CVE-2018-1160. Thanks to Steven Sroba
3. Fixed Stored XSS vulnerability. Thanks to Milan Kyselica of IstroSec.
4. Fixed anomalous 802.11 frame issues.
Thanks to Kari Hulkko and Tuomo Untinen from The Synopsys Cybersecurity Research Center (CyRC). Issue was found by using Defensics Fuzz Testing Tool.
5. Fixed v6plus issues.
6. Added 3rd party DNS server list in WAN --> DNS to help users enhance the connection security.
7. Supported Safe Browsing in the router app to filter explicit content from search results. You can set it in the router app --> Devices or Family.
8. Improved system stability.
Please unzip the firmware file first then check the MD5 code.
MD5: e6585b0748c26aec8e5a4625affc2ca3
1.Fix IPv6+ related issues
2.Improve system stability
3.GUI bugs fixed.
4.Fixed CVE-2022-26376
Please unzip the firmware file first then check the MD5 code.
MD5: 84eda699d7ebe5ae552499768b71823d
1. Fixed AiMesh dose not work properly.
2. Fixed OpenSSL CVE-2022-0778
3. Added more security measures to block malware.
4. Fixed Stored XSS vulnerability. Thanks to Milan Kyselica of IstroSec.
5. Fixed CVE-2022-23970, CVE-2022-23971, CVE-2022-23972, CVE-2022-23973, CVE-2022-25595, CVE-2022-25596, CVE-2022-25597
6. Fixed CVE-2021-34174
Please unzip the firmware file first then check the MD5 code.
MD5: 901eaf86a2b1188f5e6019455f9b1884
1. Fixed v6plus related issues
2. Firewall supports IPv6 list.
3. Fixed the case of some ISP only can get the private IPv6 address.
4. Minor GUI bug fixes.
*Due to core software module upgrade, if you wanna to upgrade to this version, please must update your router to 3.0.0.4.386.45898 first.
Please unzip the firmware file first then check the MD5 code.
MD5:A35D678FCA72D8536F3F126AA0E4D88A
1. Fixed AiMesh web page multi-language issues.
2. Fixed Let's encrypt issues.
3. Fixed Stored XSS vulnerability.
4. Fixed CVE-2021-41435, CVE-2021-41436.
Thanks to Efstratios Chatzoglou, University of the Aegean
Georgios Kambourakis, European Commission at the European Joint Research Centre
Constantinos Kolias, University of Idaho.
5. Fixed Stack overflow vulnerability. Thanks to Jixing Wang (@chamd5) contribution.
6. Fixed information disclosure vulnerability .Thanks to CataLpa from DBappSecurity Co.,Ltd Hatlab and 360 Alpha Lab contribution.
Please unzip the firmware file first then check the MD5 code.
MD5: 4b80f4f7c3bbf390dada553702f4879c