RT-AX56U
BIOS & FIRMWARE
- Driver & Tools
- BIOS & FIRMWARE
1. Strengthened input validation and data processing workflows to further protect information security.
2. Enhanced AiCloud password protection mechanisms, safeguarding against unauthorized access attempts.
3. Enhanced device security through improved buffer handling in connection features.
4. Refined data handling processes, ensuring secure and accurate information management.
5. Enhanced file access control mechanisms, promoting a more secure operating environment.
6. Strengthened certificate protection, providing enhanced data security.
Please unzip the firmware file, and then verify the checksum.
SHA256: c8bcb1b4b9904d8d450126304ab8853cc730a11b18e29c40a21df61ed1a23cb4
Security updates:
Fixed command injection vulnerability.
Fixed the ARP poisoning vulnerability.
Fixed code execution in custom OVPN.
Fixed the injection vulnerability in AiCloud.
Fixed stack buffer overflow in lighttpd.
Fixed CVE-2023-35720
Fixed the code execution vulnerability in AiCloud.
Fixed the XSS and Self-reflected HTML injection vulnerability.
*Please be advised that due to a security upgrade in AiMesh, we strongly recommend against downgrading to previous firmware versions, as this may lead to connection issues. Should you encounter any difficulties, resetting the AiMesh router to its default settings and re-establishing the mesh connection can resolve the problem.
Please unzip the firmware file, and then verify the checksum.
SHA256: a86c8e003c15419d8c7eb6eab916a9078885682a00d5c7c8d5c07f78ba7694d6
Security updates:
-Enabled and supported ECDSA certificates for Let's Encrypt.
-Enhanced protection for credentials.
-Enhanced protection for OTA firmware updates.
-Fixed DoS vulnerabilities in firewall configuration pages. Thanks to Jinghe Gao's contribution.
-Fixed DoS vulerabilities in httpd. Thanks to Howard McGreehan.
-Fixed information disclosure vulnerability. Thanks to Junxu (Hillstone Network Security Research Institute) contribution.
-Fixed CVE-2023-28702 and CVE-2023-28703. Thanks to Xingyu Xu(@tmotfl) contribution.
-Fixed null pointer dereference vulnerabilities. Thanks to Chengfeng Ye, Prism Research Group - cse hkust contribution.
-Fixed the cfg server vulnerability. Thanks to Swing and Wang Duo from Chaitin Security Research Lab.
-Fixed the vulnerability in the logmessage function CVE-2023-35086/ CVE-2023-35087. Thanks to Swing and Wang Duo from Chaitin Security Research Lab C0ss4ck from Bytedance Wuheng Lab, Feixincheng from X1cT34m.
Please unzip the firmware file, and then verify the checksum.
SHA256: e449985f2b02dc0217b723fa68425da21d033f2b3a6b9f929ca0f920ccdfe30a
1. Fixed OpenSSL CVE-2022-0778
2. Fixed CVE-2021-34174
3. Added more security measures to block malware.
4. Fixed Stored XSS vulnerability. Thanks to Milan Kyselica of IstroSec.
5. Fixed CVE-2022-23970, CVE-2022-23971, CVE-2022-23972, CVE-2022-23973, CVE-2022-25595, CVE-2022-25596, CVE-2022-25597, CVE-2022-26376
6. Added 3rd party DNS server list in WAN --> DNS to help users enhance the connection security.
7. Supported Safe Browsing in the router app to filter explicit content from search results. You can set it in the router app --> Devices or Family.
8. Improved system stability.
Please unzip the firmware file first then check the MD5 code.
MD5: 775b59bae64be20524a11102166faa90
1. Fixed Let's encrypt related bugs.
2. Fixed httpd and Cfg server DoS vulnerability
Thanks to Wei Fan from NSFOCUS GeWuLAB.
3. Fixed stack overflow vulnerability
4. Fixed DoS vulnerability
Thanks for the contribution of Fans0n、le3d1ng、Mwen、daliy yang from 360 Future Security Labs
Please unzip the firmware file first then check the MD5 code.
MD5:8691cf1edab615b45b2c1f9b3934654e
This version includes several vulnerability patches.
BusyBox
- CVE-2016-2148
- CVE-2016-6301
- CVE-2018-1000517
cURL
- CVE-2020-8169
- CVE-2019-5481
- CVE-2019-5482
- CVE-2018-1000120
- CVE-2018- 1000300
- CVE-2018-16839
Lighttpd
- CVE-2018-19052
Linux
- CVE-2020-14305
- CVE-2020-25643
- CVE-2019-19052
lldpd
- CVE-2020-27827
Avahi
- CVE-2017-6519
hostapd
- CVE-2021-30004
- CVE-2019-16275
OpenVPN
- CVE-2020-11810
- CVE-2020-15078
wpa
- CVE-2021-30004
- CVE-2021-27803
- CVE-2019-11555
- CVE-2019-9499
- CVE-2019-9498
- CVE-2019-9497
- CVE-2019-9496
- CVE-2019-9495
- CVE-2019-9494
- CVE-2017-13086
- CVE-2017-13084
- CVE-2017-13082
- CVE-2016-4476
- CVE-2015-8041
-Fixed DoS vulnerability from spoofed sae authentication frame. Thanks to Efstratios Chatzoglou, University of the Aegean, Georgios Kambourakis, European Commission at the European Joint Research Centre, and Constantinos Kolias, University of Idaho.
-Fixed envrams exposed issue. Thanks to Quentin Kaiser from IoT Inspector Research Lab contribution.
-Fixed AiMesh web page multi-language issues.
-Fixed Stored XSS vulnerability.
-Fixed CVE-2021-41435, CVE-2021-41436.
Thanks to Efstratios Chatzoglou, University of the Aegean
Georgios Kambourakis, European Commission at the European Joint Research Centre
Constantinos Kolias, University of Idaho.
-Fixed Stack overflow vulnerability. Thanks to Jixing Wang (@chamd5) contribution.
-Fixed information disclosure vulnerability .Thanks to CataLpa from DBappSecurity Co.,Ltd Hatlab and Yao Chen(@ysmilec) of 360 Alpha Lab
Please unzip the firmware file first then check the MD5 code.
MD5: 21310304e3674dac16d5780e5c0188db
1. Improved system stability.
2. Added IPv6+ in WAN-> Internet Connection.
3. Added Auto firmware upgrade in Administration-->Firwmare Upgrade
4. Fixed envrams exposed issue. Thanks for Quentin Kaiser from IoT Inspector Research Lab contribution.
Please unzip the firmware file first then check the MD5 code.
MD5: a86e0a2edf16fd0b43de8061a88e5838
1. AiMesh 2.0
- System optimization: one click in AiMesh to optimize the topology
- System Ethernet backhaul mode, all nodes will only connect by ethernet, all bands will be released for wireless clients.
- System factory default and reboot.
- Client device reconnect, make the device to offline and online again.
- Client device binding to specific AP.
- Guest WiFi on all Mesh nodes (all node need to upgrade to 3.0.0.4.386 firmware)
- Access nodes USB application.
Connection priority and Ethernet backhaul mode introduction
https://www.asus.com/support/FAQ/1044184
How to setup ASUS AiMesh or ZenWiFi Mesh Ethernet backhaul under different conditions
https://www.asus.com/support/FAQ/1044151/
2. New Family interface in ASUS router App.
ASUS Router App for iOS must greater or equal to iOS v1.0.0.5.75
Android version greater or equal to v1.0.0.5.74
3. The unit of the WiFi time scheduler goes to 1 minute.
4. Support IPSec IKE v1 and IKE v2, and you can use the Windows 10 native VPN client program to connect to the router's IPSec VPN server. The Windows 10 new FAQ is in https://www.asus.com/support/FAQ/1033576
5. 2.4 and 5G on the network map could be configured in the same tab.
6. Captcha for login can be disabled in administration -> system.
7. Printer server port can be disabled on the USB app page.
8. Clients which connect to the guest network can be viewed in the network map -->view list --> interface
9. Fix Lets encrypt not working properly.
10. Add IPTV supports for specific region.
Security Fix:
1. Fixed CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686
2. Upgrade dropbear to version 2020.81
3. Fix buffer overflow vulnerability
4. Fix slowloris denial of service attack.
5. Fix authentication bypass vulnerability.
6. Fixed the fragattacks vulnerability.
Please unzip the firmware file first then check the MD5 code.
MD5: b564ef0e3950af6966df740cc0d3f47a
- Improved system stability.
- Fixed Let’s Encrypt not working properly issue
Please unzip the firmware file first then check the MD5 code.
MD5: e14b25038a8d4944d22bd5e1b7073150
Security Fixed:
Fixed CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686
Please be noted this is a quick fix beta version for DNSmasq vulnerabilities. Refer to "Method 2: Update Manually" in https://www.asus.com/support/FAQ/1008000 to update this firmware.
Please unzip the firmware file first then check the MD5 code.
MD5: 4b40ba34afaa222de0abd0d213796538
- Fix LED abnormal during start up
- Improve system stability
Please unzip the firmware file first then check the MD5 code.
MD5: 273e5a895255012203a57d782c60d8d5
- Improve stability
- Fix 1024QAM GUI issue
Please unzip the firmware file first then check the MD5 code.
MD5: a07ac50c5cf436052c44ad59cf4ead28
- Initial release
Please unzip the firmware file first then check the MD5 code.
MD5: 666e5a4bde5a9fef822f12c37e50fd28