ROG Rapture GT-AC2900
BIOS & FIRMWARE
- Driver & Tools
- BIOS & FIRMWARE
Security updates:
-Fixed DoS vulnerabilities in firewall configuration pages. Thanks to Jinghe Gao's contribution.
-Fixed DoS vulerabilities in httpd. Thanks to Howard McGreehan.
-Fixed information disclosure vulnerability. Thanks to Junxu (Hillstone Network Security Research Institute) contribution.
-Fixed CVE-2023-28702 and CVE-2023-28703. Thanks to Xingyu Xu(@tmotfl) contribution.
-Fixed null pointer dereference vulnerabilities. Thanks to Chengfeng Ye, Prism Research Group - cse hkust contribution.
-Fixed HTTP response splitting vulnerability.
-Fixed Samba related vulerabilities.
-Fixed cfg server security issues.
-Fixed Open redirect vulnerability.
-Fixed token authentication security issues.
-Fixed security issues on the status page.
-Fixed XSS vulnerability.
-Fixed CVE-2022-26376
-Fixed CVE-2018-1160
Please unzip the firmware file first then check the MD5 code.
MD5: 60e133b05471dc874fe71800b8f30469
1. Fixed OpenSSL CVE-2022-0778
2. Added more security measures to block Cyclops blink malware.
3. Fixed Stored XSS vulnerability. Thanks to Milan Kyselica of IstroSec.
4. Fixed CVE-2022-23970, CVE-2022-23971, CVE-2022-23972, CVE-2022-23973, CVE-2022-25595, CVE-2022-25596, CVE-2022-25597
5. Added 3rd party DNS server list in WAN --> DNS to help users enhance the connection security.
Please unzip the firmware file first then check the MD5 code.
MD5: e5f37fa30a737ff6b2a66fc0ec55c113
Security
- Fixed string format stacks vulnerability
- Fixed cross-site-scripting vulnerability
- Fixed informational vulnerability.
Thanks to Howard McGreehan.
-Fixed SQL injection vulnerability
-Fixed json file traversal vulnerability
-Fixed plc/port file traversal vulnerability
-Fixed stack overflow vulnerability
Thanks to HP of Cyber Kunlun Lab
-Fixed authenticated stored XSS vulnerability
Thanks to Luke Walker – SmartDCC
-Fixed LPD denial of service vulnerability
-Fixed cfgserver heap overflow vulnerability
-Fixed cfgserver denial of service vulnerability
Thanks to TianHe from BeFun Cyber Security Lab.
-Fixed CVE-2021-34174, CVE-2022-23972, CVE-2022-23970, CVE-2022-23971, CVE-2022-23973
Added more ISP profile
Digi 1 - TM
Digi 2 - TIME
Digi 3 - Digi
Digi 4 - CTS
Digi 5 - ALLO
Digi 6 - SACOFA
Maxis - CTS
Maxis - SACOFA
Maxis - TNB/ALLO
Fixed AiMesh guest network issues.
Fixed DDNS issues where the WAN IP is IPv6
Fixed UI bugs in Administration --> feedback.
Fixed time zone error.
Improved the connection stability.
Fixed IPSecVPN issues.
Please unzip the firmware file first then check the MD5 code.
MD5:5d2e2cc332d455d9a6ca4d0bfc1274db
This version includes several vulnerability patches.
BusyBox
- CVE-2016-2148
- CVE-2016-6301
- CVE-2018- 1000517
cURL
- CVE-2020-8169
- CVE-2019-5481
- CVE-2019-5482
- CVE-2018-1000120
- CVE-2018- 1000300
- CVE-2018-16839
Lighttpd
- CVE-2018-19052
Linux
- CVE-2020-14305
- CVE-2020-25643
- CVE-2019-19052
lldpd
- CVE-2020-27827
Avahi
- CVE-2017-6519
hostapd
- CVE-2021-30004
- CVE-2019-16275
OpenVPN
- CVE-2020-11810
- CVE-2020-15078
wpa
- CVE-2021-30004
- CVE-2021-27803
- CVE-2019-11555
- CVE-2019-9499
- CVE-2019-9498
- CVE-2019-9497
- CVE-2019-9496
- CVE-2019-9495
- CVE-2019-9494
- CVE-2017-13086
- CVE-2017-13084
- CVE-2017-13082
- CVE-2016-4476
- CVE-2015-8041
- Fixed envrams exposed issue. Thanks to Quentin Kaiser from IoT Inspector Research Lab contribution.
- Fixed Stored XSS vulnerability.
- Fixed CVE-2021-41435, CVE-2021-41436.
Thanks to Efstratios Chatzoglou, University of the Aegean
Georgios Kambourakis, European Commission at the European Joint Research Centre
Constantinos Kolias, University of Idaho.
- Fixed Stack overflow vulnerability. Thanks to Jixing Wang (@chamd5) contribution.
- Fixed information disclosure vulnerability .Thanks to CataLpa from DBappSecurity Co.,Ltd Hatlab and 360 Alpha Lab contribution.
- Fixed httpd and Cfg server DoS vulnerability
Thanks to Wei Fan from NSFOCUS GeWuLAB.
- Fixed stack overflow vulnerability
- Fixed DoS vulnerability
Thanks for the contribution of Fans0n, le3d1ng, Mwen, daliy yang from 360 Future Security Labs
Please unzip the firmware file first then check the MD5 code.
MD5:a4dfc8320250d21469c5ab1d8a5cac80
1. Fixed authentication bypass vulnerability. Special thank Chris Bellows, Darren Kemp – Atredis Partners contribution.
2. Fixed PPTP and OpenVPN server username/password GUI bug.
3. Fixed the fragattacks vulnerability.
Please unzip the firmware file first then check the MD5 code.
MD5: dc124891c305e56942f926a627bf9e05
Security Fixed:
Fixed CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686
Please be noted this is a quick fix beta version for DNSmasq vulnerabilities. Refer to "Method 2: Update Manually" in https://www.asus.com/support/FAQ/1008000 to update this firmware.
Please unzip the firmware file first then check the MD5 code.
MD5: 2421a23526bc1846c2e0c3a8d7e94080
1. AiMesh 2.0
- System optimization: one click in AiMesh to optimize the topology
- System Ethernet backhaul mode, all nodes will only connect by ethernet, and all bands can release for wireless clients.
- System factory default and reboot.
- Client device reconnect, make the device offline and online again.
- Client device binding to specific AP.
- Guest WiFi on all Mesh nodes (all node need to upgrade to 3.0.0.4.386 firmware)
- Access nodes USB application.
Connection priority and Ethernet backhaul mode introduction
https://www.asus.com/support/FAQ/1044184
How to setup ASUS AiMesh or ZenWiFi Mesh Ethernet backhaul under different conditions
https://www.asus.com/support/FAQ/1044151/
2. New Family interface in ASUS router App.
ASUS Router App for iOS must greater than iOS v1.0.0.5.75
Android version greater than v1.0.0.5.74
3. The unit of the WiFi time scheduler goes to 1 minute.
4. Support IPSec IKE v1 and IKE v2, and you can use the Windows 10 native VPN client program to connect to the router's IPSec VPN server. The Windows 10 new FAQ is in https://www.asus.com/support/FAQ/1033576
5. 2.4 and 5G settings on the network map could modify in the same tab.
6. Captcha for login can be disabled in the administration -> system.
7. Printer server port can be disabled on the USB app page.
8. Clients who connect to the guest network can be viewed in the network map -->view list --> interface
9. Fixed Let's Encrypt issue.
10. Added IPTV supports for a specific region.
Please unzip the firmware file first then check the MD5 code.
MD5: 79fd649721d2e2dc113dc5c79ea0e628
- Fixed buffer overflow vulnerability
- Fixed wireless performance drop issue after send the feedback.
- Fixed static WAN IP connection issues.
Please unzip the firmware file first then check the MD5 code.
MD5: 911ca01eb84e67f0b05d26035ffc250d
Security update
- Fixed CVE-2020-12695 (CallStranger)
- Fixed Reflected XSS vulnerability.
- Fixed Directory traversal vulnerability.
- Fixed CVE-2017-15653.
The update server transport layer security was upgraded and the old protocol was removed.
If your router firmware version is lower than 3.0.0.4.384_81468, please refer to the "Update Manually" section in https://www.asus.com/support/FAQ/1008000 to update the firmware.
Please unzip the firmware file first then check the MD5 code.
MD5: 0c4f2a9b748da964d2f71a689af5fb13
- Fixed Let's encrypt certification renew bugs.
- Improved web history page loading speed.
- Fixed OpenVPN related bugs
Please unzip the firmware file first then check the MD5 code.
MD5: 7e1f99db78f7d1ecba164d05d78b0b98
- Improved connection stability.
- Fixed AiCloud share link bugs.
- Fixed AiCloud connection bugs with AiMusic App.
- Fixed Cloud sync bugs.
- VPN client can be turned on/off by ASUS router app.
- Support router certificate export. After import the certificate to the computer you will not see the warning message when login with https. Please refer to https://www.asus.com/us/support/FAQ/1034294/
- Adaptive QoS supported more apps
Work-From-Home: WeChat Work®, RescueAssist, Tencent/VooV Meeting®
Learn-From-Home: LinkedIn Learning®, Binkist®, Skillshare®, edX®
Media Streaming: SiriusXM®, Bilibili®
Indoor training: The Sufferfest®, Bkool Fitness®, TrainerRoad®, Rouvy®
Please unzip the firmware file first then check the MD5 code.
MD5: f4702b190cec5bfddf1d95c72d39e784
- Fixed VPN fusion connection issues.
- Fixed Let's Encrypt related bugs.
- Fixed folder creating bugs in Samba.
- Improved Wi-Fi stability.
- Fixed CVE-2019-15126 (Kr00k) vulnerability.
Please unzip the firmware file first and then check the MD5 code.
MD5: c1db3714795ae11fcbe773d13c6f3a91
Please be noted this is a beta version, if you want to roll back to the official version, you will need to process manual firmware update in web GUI.
- Fixed VPN fusion connection issues
Please unzip the firmware file first then check the MD5 code.
MD5: 267a8e6ddfecdd4cdefab28d1378440a
- Fixed link aggregation bugs.
- Fixed the AiMesh issues with ASUS Lyra.
Please unzip the firmware file first then check the MD5 code.
MD5: 1cbc2b44091e60b870a00af224734cac
Security fix
- Fixed a DDoS vulnerability.
Bug fix
- Fixed web control interface login problem.
- Fixed Network map client list issues.
- Fixed block internet access problem when clients connected to AiMesh node
- Fixed Samba server compatibility issue.
- Fixed LED button control bug.
- Fixed Let's Encrypt related bugs.
- Fixed OpenVPN related bugs.
- Fixed schedule reboot bugs.
- Improved AiMesh compatibility.
- Improved system stability.
Please unzip the firmware file first then check the MD5 code.
MD5: fff657918d0058f806dd00fc91a9a6ce
- GUI bug fixes
Please unzip the firmware file first then check the MD5 code.
MD5: 07c076b734df2e243a8e28d85778742a
- Improved stability
Please unzip the firmware file first then check the MD5 code.
MD5: 409ef648e190cb256a41782ca3330d7f
- Fix stability issue
Please unzip the firmware file first then check the MD5 code.
MD5: 6b93ca744ced899d9574cbfd98f6199e
- Modified LED behavior
- Fixed Open NAT related bugs
Please unzip the firmware file first then check the MD5 code.
MD5: a932fecdd8d556ea351535c8670228cd
The First firmware release
Please unzip the firmware file first then check the MD5 code.
MD5: ddf603618d079d9bca05ffb797108a02