RT-AX68U
BIOS & FIRMWARE
- Driver & Tools
- BIOS & FIRMWARE
Bug Fixes and Enhancements:
- Enabled DynDNS and No-IP DDNS to use IPv6.
- Enabled WireGuard Server clients to access the Samba server.
- Enabled the failback function when using the iOS/Android USB backup WAN.
- Improved AiMesh backhaul stability.
- Improved Wireguard performance.
- Improved consistent display of client status on the WireGuard server.
- Improved stability when enabling or disabling the WireGuard server.
- Improved system stability when accessing the WireGuard Server with DMZ enabled.
- Improved memory utilization and fixed an occasional server error when registering DDNS with an app.
- Modified the USB application option text in dual WAN.
- Fixed network map bugs.
- Fixed memory leak issue.
- Fixed v6plus related Issues.
- Fixed ipv6 network service filter not work.
- Fixed the IPsec VPN compatibility issue with Win10.
- Fixed the reboot issue when assigning specific clients in VPN fusion.
- Fixed Client DOM Stored XSS vulnerability.
- Fixed the AiCloud login issue after unplugging and plugging the HDD into the USB port.
- Fixed the problem that the AiCloud app cannot add router on Android 9.
- Fixed the issue where Traffic Analyzer sometimes couldn't record data.
- Fixed the time display issue for the preferred upgrade time in the Auto Firmware Upgrade function.
- Fixed AiMesh preferred AP identification in site survey results.
- Fixed a bug encountered when adding a rule to the network services filter.
- Fine-tuned the description for port status.
- Resolved the issue with login and password changes.
- Resolved the IPSec VPN connection issues.
- Resolved OpenVPN Server TAP Mode Issue.
- Resolved the Instant Guard connection issues.
- Resolved an issue that caused hostname errors in the DDNS service.
- Resolved the ARP response issue, along with the connection issue between the router and the ROG Phone 6 and 7.
- Resolved the issue where the USB path is not displayed on the Media Server page in the AiMesh node.
Security updates:
- Enabled and supported ECDSA certificates for Let's Encrypt.
- Enhanced protection for credentials.
- Enhanced protection for OTA firmware updates.
- Enhanced protection against SSH brute force attacks.
- Fixed CVE-2022-46871.
- Fixed Client DOM Stored XSS.
- Fixed DoS vulnerabilities in httpd and firewall configuration pages.
- Fixed information disclosure vulnerability.
- Fixed null pointer dereference vulnerabilities.
- Fixed the cfg server vulnerability.
- Fixed FFmpeg vulnerabilities.
- Fixed OpenSSL vulnerabilities.
- Fixed several curl vulnerabilities.
- Fixed CVE-2023-28702 and CVE-2023-28703.
- Fixed an OpenVPN vulnerability categorized as CWE-134.
- Fixed the vulnerability in the logmessage function CVE-2023-35086/ CVE-2023-35087.
- Fixed security issues on the status page.
Please unzip the firmware file, and then verify the checksum.
SHA256: 40e0542072bf383edf67c28f4463d6b5c7e8b8234be547d0b72e2ad7626d2268
1. Supported WireGuard VPN server and client.
2. Supported VPN fusion. It can easily achieve VPN connection to network devices like Smart TV, Game consoles and without installing the VPN client software.
3. Supported new devices connection notification.
4. Supported connection diagnostic on the ASUS router app.
5. Supported Instant Guard 2.0 which helps easily invite family or friends to join the VPN connection.
6. Upgraded parental control and added reward, new scheduler for flexible setting
7. Fixed USB icon issue in port status.
8. Fixed HTTP response splitting vulnerability. Thanks to Efstratios Chatzoglou, University of the Aegean.
9. Fixed status page HTML vulnerability. Thanks to David Ward.
10. Fixed CVE-2018-1160. Thanks to Steven Sroba.
11. Fixed cfg_server security issue.
12. Fixed miniupnpc vulnerabilities, CVE-2015-603, CVE-2017-1000494.
13. Fixed IPSec server vulnerability, CVE-2022-40617.
14. Improved connection speed with Verizon FIOS.
15. Fixed IPTV compatibility issue with Movistar. Thanks to Sergio de Luz from RedesZone.net.
Please unzip the firmware file first then check the MD5 code.
MD5: fa6be22b3dd95ad769b55496b5570eb1
1.Improved system stability
2.Fixed HTTP response splitting vulnerability. Thanks to Efstratios Chatzoglou, University of the Aegean.
3.Fixed status page HTML vulnerability. Thanks to David Ward.
4.Fixed CVE-2018-1160. Thanks to Steven Sroba.
5.Fixed cfg_server security issue.
Please unzip the firmware file first then check the MD5 code.
MD5: 1a7934d46f66b17119425320bab04d64
1. Fixed OpenSSL CVE-2022-0778
2. Fixed CVE-2021-34174
3. Added more security measures to block malware.
4. Fixed Stored XSS vulnerability. Thanks to Milan Kyselica of IstroSec.
5. Fixed CVE-2022-23970, CVE-2022-23971, CVE-2022-23972, CVE-2022-23973, CVE-2022-25595, CVE-2022-25596, CVE-2022-25597, CVE-2022-26376
6. Added 3rd party DNS server list in WAN --> DNS to help users enhance the connection security.
7. Supported Safe Browsing in the router app to filter explicit content from search results. You can set it in the router app --> Devices or Family.
8. Improved system stability.
Please unzip the firmware file first then check the MD5 code.
MD5: 1921dd988466f2a81e865f8b3b665ef1
Security
- Fixed string format stacks vulnerability
- Fixed cross-site-scripting vulnerability
- Fixed informational vulnerability.
Thanks to Howard McGreehan.
-Fixed SQL injection vulnerability
-Fixed json file traversal vulnerability
-Fixed plc/port file traversal vulnerability
-Fixed stack overflow vulnerability
Thanks to HP of Cyber Kunlun Lab
-Fixed authenticated stored XSS vulnerability
Thanks to Luke Walker – SmartDCC
-Fixed LPD denial of service vulnerability
-Fixed cfgserver heap overflow vulnerability
-Fixed cfgserver denial of service vulnerability
Thanks to TianHe from BeFun Cyber Security Lab.
Added more ISP profile
Digi 1 - TM
Digi 2 - TIME
Digi 3 - Digi
Digi 4 - CTS
Digi 5 - ALLO
Digi 6 - SACOFA
Maxis - CTS
Maxis - SACOFA
Maxis - TNB/ALLO
Fixed WAN connection bug.
Fixed AiProtection bug.
Fixed AiMesh guest network issues.
Fixed DDNS issues where the WAN IP is IPv6
Fixed UI bugs in Administration --> feedback.
Fixed time zone error.
Fixed v6plus related issues.
Improved the connection stability.
Please unzip the firmware file first then check the MD5 code.
MD5:6952fbeff1e4feed2711de16ad5588f6
1. Fixed Let's encrypt related bugs.
2. Fixed httpd and Cfg server DoS vulnerability
Thanks to Wei Fan from NSFOCUS GeWuLAB.
3. Fixed stack overflow vulnerability
4. Fixed DoS vulnerability
Thanks to Fans0n, le3d1ng, Mwen, daliy yang from 360 Future Security Labs
Please unzip the firmware file first then check the MD5 code.
MD5:93f924e91b71a3e7ece4d8713f665e5f
This version includes several vulnerability patches.
BusyBox
- CVE-2016-2148
- CVE-2016-6301
- CVE-2018- 1000517
cURL
- CVE-2020-8169
- CVE-2019-5481
- CVE-2019-5482
- CVE-2018-1000120
- CVE-2018- 1000300
- CVE-2018-16839
Lighttpd
- CVE-2018-19052
Linux
- CVE-2020-14305
- CVE-2020-25643
- CVE-2019-19052
lldpd
- CVE-2020-27827
Avahi
- CVE-2017-6519
hostapd
- CVE-2021-30004
- CVE-2019-16275
OpenVPN
- CVE-2020-11810
- CVE-2020-15078
wpa
- CVE-2021-30004
- CVE-2021-27803
- CVE-2019-11555
- CVE-2019-9499
- CVE-2019-9498
- CVE-2019-9497
- CVE-2019-9496
- CVE-2019-9495
- CVE-2019-9494
- CVE-2017-13086
- CVE-2017-13084
- CVE-2017-13082
- CVE-2016-4476
- CVE-2015-8041
2.Fixed Let's encrypt issues.
3.Fixed Stored XSS vulnerability.
4.Fixed CVE-2021-41435, CVE-2021-41436.
Thanks to Efstratios Chatzoglou, University of the Aegean
Georgios Kambourakis, European Commission at the European Joint Research Centre
Constantinos Kolias, University of Idaho.
5.Fixed Stack overflow vulnerability. Thanks to Jixing Wang (@chamd5) contribution.
6.Fixed information disclosure vulnerability .Thanks to CataLpa from DBappSecurity Co.,Ltd Hatlab and Yao Chen(@ysmilec) of 360 Alpha Lab contribution.
7. Fixed WAN DNS setting cannot setup LAN side pihole server.
8. Fixed DoS vulnerability from spoofed sae authentication frame. Thanks for Efstratios Chatzoglou, University of the Aegean, Georgios Kambourakis, European Commission at the European Joint Research Centre, and Constantinos Kolias, University of Idaho.
9. Fixed envrams exposed issue. Thanks to Quentin Kaiser from IoT Inspector Research Lab contribution.
Please unzip the firmware file first then check the MD5 code.
MD5: 0eb15e1ddeaafad0d2cee4e7d7b26e96
- Fix AiMesh related issues.
- Fix Let's encrypt related issues.
Please unzip the firmware file first then check the MD5 code.
MD5: f67ae60bd79ea93f84a5c03bd334a912
- Fixed DoS vulnerability. Thanks for Tsinghua University NISL's contribution.
- Fixed Chromecast compatibility issues
- Fixed CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686
- Fixed the fragattacks vulnerability.
Please unzip the firmware file first then check the MD5 code.
MD5: 472f6f482182edfcea769fd2bc36ff21
1. Bugs Fixed
2. New Family interface in ASUS router App.
ASUS Router App for iOS must greater or equal to iOS v1.0.0.5.75
Android version greater or equal to v1.0.0.5.74
Please unzip the firmware file first then check the MD5 code.
MD5: b99baf011dd898b828ea7e2df475d328
- Initial Release
Please unzip the firmware file first then check the MD5 code.
MD5: d768aacd35910001cc6eb7f18f3a635c