- Improved system stability.
- Fixed XSS vulnerability. Thanks to Yonghui Han of Fortinet's FortiGuard Labs.
- Fixed CVE-2018-8877, CVE-2018-8878, CVE-2018-8879
- Modified Quick Internet Setup wizard process.


Please unzip the firmware file first then check the MD5 code.
MD5: 8bc33d3d61d6b0d8b4c62af00e0c093a

Release note
- Fixed information disclosure vulnerability. Thanks to Haitan Xiang and Fand Wang.
- Fixed CVE-2018-5721 Stack-base buffer overflow vulnerability
- Fixed CVE-2018-8826 remote code code execution vulnerability. Thanks to Chris Wood.
- Fixed CVE-2018-5999 HTTP authorization bypass and CVE-2018-6000. An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
-Fixed remote code execution vulnerability. Thanks to David Maciejak of Fortinet's FortiGuard Labs
- Fixed CVE-2017-14491: DNS - 2 byte heap based overflow
- Fixed CVE-2017-14492: DHCP - heap based overflow
- Fixed CVE-2017-14493: DHCP - stack based overflow
- Fixed CVE-2017-14494: DHCP - info leak
- Fixed CVE-2017-14495: DNS - OOM DoS
- Fixed CVE-2017-14496: DNS - DoS Integer underflow
- Fixed CVE-2017-13704: Bug collision


Please unzip the firmware file first then check the MD5 code.
MD5: 7526b39f4f43b13da791b54385fe1fdd

Security fixed
- Fixed KRACK vulnerability
- Fixed CVE-2017-14491: DNS - 2 byte heap based overflow
- Fixed CVE-2017-14492: DHCP - heap based overflow
- Fixed CVE-2017-14493: DHCP - stack based overflow
- Fixed CVE-2017-14494: DHCP - info leak
- Fixed CVE-2017-14495: DNS - OOM DoS
- Fixed CVE-2017-14496: DNS - DoS Integer underflow
- Fixed CVE-2017-13704 : Bug collision
- Fixed predictable session tokens, logged user IP validation, Logged-in information disclosure (special thanks for Blazej Adamczyk contribution)
- Fixed web GUI authorization vulnerabilities.



Please unzip the firmware file first then check the MD5 code.
MD5: 0b90842fa54bd70d3a239c45af1794b5

Bug fixed
-[WISP] fix repeater mode redirect issue
- force to redirect into index.asp, let user check connection status in networkmap
-[WISP] Fix loading bar abnormal

Security Related
- Restriced access from wan method to enhance security.

New features
- Support ASUS Router App
- Supported auto dynamic port changing of UPnP server when ports conflict.

Bug fixed
- Fixed reboot scheduler GUI issues
- Fixed Quick setup wizard GUI issue

MD5:2cc7b0f4cc146a757eb9d3e40dd9e1ef

[Important] This version include lots of security fixed and change the authentication method.
After firmware updated, please press the reset button more than five seconds to reset the router to avoid some compatibility issues.

Security fixes:
- Fixed User-Agent buffer overflow.
- Fixed null ptr dereference in https issue.
- Fixed buffer overflow issues.
- Modified brute-force protection mechanism in router login page.
- Fixed CVE-2015-6949 buffer overflow issue.
- Fixed Web server Accept-Language buffer overflow.
- Fixed Web server URL handler buffer overflow.
- Fixed CSRF and XSS vulnerability.
- Enhanced router login password and wireless password(WPA2) strength check method to against brute-force attack.
- Reject administrator to set too easy to guess login and wireless password to avoid brute-force attack.
- Fixed CSRF and XSS vulnerability when router is in default status (user does not set the router yet)

New Features
- Added Bandwidth Limiter in QoS. Let administrator easily limit specific client's upload/ download bandwidth
- Independent mac filter for main wireless network and guest network. Administrator can set white list for main wireless network to only allow trust client connect to main wireless network and share network to guest with guest network
- Modified the network map client status. When chick the client icon, administrator can bind IP, change host name, change icon, block internet access or set time scheduling.
- Added client list view button on network map and help administrator easily monitor all client connection status.
- Add WISP mode in Administration--> Operation mode to let RT-N12_B1 connect to existing ISP hot spot by wireless and share network to LAN devices.
- Add reboot schedule in Administration --> System

Modifications
- Adjusted Guest network mac filter maximum client number to 16
- Allow paste password on login page to fulfil some password management softwares requirement.
- Show current control channel while value is auto.
- Bandwidth limiter can accept decimal point.
- Unnecessary to reboot router after set allow only spcified IP address to enter GUI.
- Changed warning page style.

Bug fixes
- Fixed setup wizard IE11 compatibility issue.
- Fixed MAC clone abnormal issue
- Fixed web redirection issue when WAN IP conflicted.
- Fixed compatibility issues for IE8
- Fixed GUI related issues
- Fixed login issue when router’s IP is 10.x.x.x
- Fixed parental control-> time scheduling related issue.
- Fixed IPv6 relay issues.

MD5:66c259dba2207b78a6c35cd9ab631ce9

Important Note：
Please press the reset button more than five seconds to reset the router to avoid compatibility issue after firmware uploaded.
This version changed the authentication method to improve security and require resetting router.

Security Fixes
- Fixed CVE-2015-6949 buffer overflow issue, special thanks for Elvis Collado at Praetorian.
- Fixed Web server Accept-Language buffer overflow, special thanks for Elvis Collado at DVLabs.
- Fixed Web server URL handler buffer overflow special thanks for Elvis Collado at DVLabs.
- Fixed CSRF and XSS vulnerability.
- Fixed infosvr security issue
- Enhanced router login password and wireless password (WPA2) strength check method to against brute-force attack.
- Reject administrator to set too easy to guess login and wireless password to avoid brute-force attack.

New Features：
- Added Bandwidth Limiter in QoS. Let administrator easily limit specific client's upload/ download bandwidth
- Independent mac filter for main wireless network and guest network. Administrator can set white list for main wireless network to only allow trust client connect to main wireless network and share network to guest with guest network
- Modified the network map client status. When chick the client icon, administrator can bind IP, change host name, change icon, block internet access or set time scheduling.
- Added client list view button on network map and help administrator easily monitor all client connection status.
- Time scheduling, Wireless MAC filter client drop down menu can show offline devices.
- Web history and traffic analyzer can show device name.

Modifications：
- Added Meo and Movistar ISP profile.
- Added new DDNS provider www.oray,com
- Adjusted Guest network mac filter maximum client number to 16
- Allow paste password on login page to fulfil some password management softwares requirement.
- Show current control channel while value is auto.
- Bandwidth limiter can accept decimal point.
- Unnecessary to reboot router after set allow only spcified IP address to enter GUI.
- Changed warning page style.

Fixes：
- Fixed setup wizard IE11 compatibility issue.
- Fixed MAC clone abnormal issue
- Fixed web redirection issue when WAN IP conflicted.
- Fixed compatibility issues for IE8
- Fixed GUI related issues
- Fixed login issue when router’s IP is 10.x.x.x
- Fixed parental control-> time scheduling related issue.
- Fixed network tool related issues.
- Fixed USB HDD issue when using time machine.
- Fixed network map UI issue when selected French.
- Fixed dropdown UI offset issue at Parental control.

MD5:1a5c6b60e98bf9497d96eb3d6b3f8dde

- Release Note -
[Please note] This version changed the login authentication method. Please unplug the hard drive before updating firmware.
After firmware updated, please press the reset button more than five seconds to reset the router to avoid some compatibility issues.

Security fixes
- Enhanced the login authentication strength and fixed brelated issues.
- Forced administrator to change the default password "admin" in internet setup wizard.
- Added protection mechanism for GUI login brute-force attack for login username and password.
- Administrator can assign a specified IP to login GUI in Administration > System > "Allow only specified IP.
- Fixed CSRF and XSS vulnerability when router is in default status.
- Fixed infosvr security issue.

New feature
- Added client list view button on network map and help administrator easily monitor all client connection status.
- Added the question feedback in Administration -> Feedback
- Added new DDNS provider www.oray.com
- Added stateful server in IPv6

Bug fixes
- Fixed the NAT loopback issue when connecting to LAN FTP server.
- Fixed lease time and lease expires time
- Fixed Ethernet connection fail in IPv6 when WAN hwaddr is cloned.
- Fixed allowed and blocked incoming icmp firewall rules.
- Fixed dnsmasq buffer overflow issue.
- Fixed login issue when router’s IP is 10.x.x.x
- Fixed parental control-> time scheduling related issue.
- Fixed network tool related issues.
- Fixed mac clone issue.
- Modified QIS welcome page

MD5: d027fb921c1fa8181a5e9029c21b5ede

- Release note-

- Fixed CVE-201301813
- Fixed the XSS vulnerability on page Main_Analysis_Content.asp 
- Updated QIS string.
- Add DDNS support method and tutorials on web interface when DDNS is not able to use in some areas.
- Fixed time zone setting issues 
- Added Movistar profile in IPTV setting page

-Fixed infosvr security issue.
-Fixed Cross-site request forgery security issue