RT-AC56R
RT-AC56R
BIOS & FIRMWARE
- Driver & Tools
- BIOS & FIRMWARE
Fixed a DDoS vulnerability
Please unzip the firmware file first then check the MD5 code.
MD5: b32190074e2133b8f6d779f3d6c779ef
Security Fix
- Fixed DDoS vulnerability.
- Fixed AiCloud vulnerability. Thanks for Matt Cundari's contribution.
- Fixed command injection vulnerability. Thanks for S1mba Lu's contribution.
- Fixed buffer overflow vulnerability. Thanks for Javier Aguinaga's contribution.
- Fixed CVE-2018-20334
- Fixed CVE-2018-20336
- Fixed null pointer issue. Thanks for CodeBreaker of STARLabs’ contribution.
- Fixed AiCloud buffer overflow vulnerability. Thanks for Resecurity International's contribution.
Please unzip the firmware file first then check the MD5 code.
MD5: 0d278d03215e104103828761c80c0a0c
Security fixed
-Fixed password stored in plain text (CVE-2017-15656)
Special thanks for Blazej Adamczyk contribution.
-Fixed web GUI authorization vulnerabilities.
-Fixed Smart Sync Stored XSS vulnerabilities. Thanks to Guy Arazi's contribution.
-Fixed CVE-2018-5721 Stack-based buffer overflow.
-Fixed XSS vulnerability. Thanks to Yonghui Han of Fortinet's FortiGuard Labs.
-Fixed CVE-2018-8877, CVE-2018-8878, CVE-2018-8879
-Fixed plain text password vulnerability in lighthttpd
-Fixed information disclosure vulnerability. Thanks to Haitan Xiang and Fand Wang.
-Fixed CVE-2018-8826 remote code execution vulnerability. Thanks to Chris Wood.
- Improved system stability.
- Modified Quick Internet Setup wizard process.
- Main SSID and guest network can hide independently.
- Modified the EULA for DDNS, AiProtection, Adaptive QoS, Traffic Analyzer, Web history, Feedback.
- Added Privacy page in Advanced settings
- Fixed IPv6 bugs
- Modified USB 3.0 related strings.
- Added more protection mechanism for OpenVPN account.
Please unzip the firmware file first then check the MD5 code.
MD5: b26182860aefbed3a03930c26a76449d
Security fixed
- Fixed XSS vulnerability. Thanks for Joaquim's contribution.
- Fixed LAN RCE vulnerability. An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
- Fixed remote code execution vulnerability. Thanks to David Maciejak of Fortinet's FortiGuard Labs
- Fixed Smart Sync Stored XSS vulnerabilities. Thanks fo Guy Arazi's contribution.
- Fixed CVE-2018-5721 Stack-based buffer overflow.
Bug fixed
- Fixed CTF related issues.
- Fixed client icon modification issue when client name includes special characters.
- Fixed network map abnormal response time issues.
- Fixed client list issues.
- Fixed AiCloud smart sync issues.
Please unzip the firmware file first then check the MD5 code.
MD5: 308aa99479cb9ef1a84417ce88a01806
Security fixed
- Fixed KRACK vulnerability
- Fixed CVE-2017-14491: DNS - 2 byte heap based overflow
- Fixed CVE-2017-14492: DHCP - heap based overflow
- Fixed CVE-2017-14493: DHCP - stack based overflow
- Fixed CVE-2017-14494: DHCP - info leak
- Fixed CVE-2017-14495: DNS - OOM DoS
- Fixed CVE-2017-14496: DNS - DoS Integer underflow
- Fixed CVE-2017-13704 : Bug collision
- Fixed predictable session tokens, logged user IP validation, Logged-in information disclosure (special thanks for Blazej Adamczyk contribution)
- Fixed web GUI authorization vulnerabilities.
- Fixed AiCloud XSS vulnerabilities
- Fixed web history XSS vulnerabilities (special thanks for Jamie Riden of NCC Group)
Please unzip the firmware file first then check the MD5 code.
MD5: 489b74e1ef0e04c2c419bee92f43ded4
Security fixed
- Fixed CVE-2017-8828 (XSS vulnerability)
- Fixed CVE-2017-5892 (JSONP Information Disclosure)
- Fixed CVE-2017-7494 (Samba remote code execution vulnerability)
- Improved brute-force protection for SSH, Telnet connection.
Bug fixed
- Fixed URL filter, keyword filter, network filter time related issue.
Please unzip the firmware file first then check the MD5 code.
MD5: b61ff0f534a598b315b2829a31d4d5d4
Security fixed
- Fixed CVE-2017-5891.
- Fixed CVE-2017-5892.
- Fixed CVE-2017-6547.
- Fixed CVE-2017-6549.
- Fixed CVE-2017-6548.
- Added log message for brute force attack.
Bug fixed
- Fixed bandwidth limiter bugs.
- Fixed UI issue when using Chrome 56.
- Fixed smart sync bugs.
Please unzip the firmware file first then check the MD5 code.
MD5: 669a46e96f9daa03abaa456fea111840