RT-AX88U
BIOS & FIRMWARE
- Driver & Tools
- BIOS & FIRMWARE
Rlease note :
- Fixed command injection vulnerability.
- Fixed the ARP poisoning vulnerability. Thanks to the contribution of Xin'an Zhou.
- Fixed code execution in custom OVPN. Thanks to the contrubution of Jacob Baines.
- Fixed the injection vulnerability in AiCloud.
- Fixed stack buffer overflow in lighttpd. Special thanks to Viktor Edstrom.
- Fixed CVE-2023-35720
- Fixed the code execution vulnerability in AiCloud. Thanks to the contribution of chumen77.
- Fixed the XSS and Self-reflected HTML injection vulnerability. Thanks to the contrubution of Redfox Cyber Security.
- Fixed CVE-2024-3079 and CVE-2024-3080. Thanks to the contribution of swing from Chaitin Security Research Lab.
*Please be advised that due to a security upgrade in AiMesh, we strongly recommend against downgrading to previous firmware versions, as this may lead to connection issues. Should you encounter any difficulties, resetting the AiMesh router to its default settings and re-establishing the mesh connection can resolve the problem.
Please unzip the firmware file, and then verify the checksum.
SHA256: 4783ea5ae14a94ce3d78319fdbaccb3c3e09f4e918c9787f9a6b9aa492f1ff1a
Bug fixes and improvements:
-Ensured consistent display of client status on the WireGuard server.
-Enhanced system stability when accessing the WireGuard Server with DMZ enabled.
-Improved stability when enabling or disabling the WireGuard server.
-Addressed an issue that prevented clients from accessing the network when setting up the OpenVPN server in TAP mode.
-Optimized memory utilization and fixed an occasional server error when registering DDNS with an app.
-Corrected a bug encountered when adding a rule to the Network Services Filter.
Security Fixes:
-Upgraded to the latest dropbear version.
-Fixed a stack overflow vulnerability.
Please unzip the firmware file, and then verify the checksum.
SHA256: f2b783d84146e8899d88fdcac0ac7a28a5dc721c4c297dc80464b7c400c7b13f
New features:
-Built-in Surfshark in VPN Fusion allows you to surf the internet anonymously and securely from anywhere by encrypting connections. Please refer to https://asus.click/SurfsharkVPN
-iPhone/Android USB auto backup WAN allows you to connect your phone to the router’s USB port and use it as an internet source. Please refer to https://asus.click/AutobackupWAN
-DDNS transfer allows you to transfer your ASUS DDNS hostname from your original router to the new one. Please refer to https://asus.click/ASUSDDNS
Bug fixes and functionality modifications:
-Resolved the issue with login and password changes.
-Resolved the IPSec VPN connection issues.
-Resolved the Instant Guard connection issues.
-Fixed the issue where Traffic Analyzer sometimes couldn't record data.
-Fixed the time display issue for the preferred upgrade time in the Auto Firmware Upgrade function.
-Enabled DynDNS and No-IP DDNS to use IPv6.
-Fixed AiMesh preferred AP identification in site survey results.
-Updated timezone list for Greenland, Mexico, and Iran.
-Allowed WireGuard Server clients to access the Samba server.
-Resolved the issue where the USB path is not displayed on the Media Server page in the AiMesh node
Security updates:
-Enabled and supported ECDSA certificates for Let's Encrypt.
-Allowed binding DDNS to a user's account to reduce the risk of MITM attacks
-Enhanced protection for credentials.
-Enhanced protection for OTA firmware updates.
-Fixed CVE-2023-34359,CVE-2023-34358 Unauthenticated Denial of Service
-Fixed CVE-2023-34360 Stored XSS
-Fixed DoS vulnerabilities in firewall configuration pages.
-Fixed DoS vulerabilities in httpd.
-Fixed information disclosure vulnerability.
-Fixed CVE-2023-28702 and CVE-2023-28703.
-Fixed null pointer dereference vulnerabilities.
-Fixed the cfg server vulnerability.
-Fixed the vulnerability in the logmessage function CVE-2023-35086/ CVE-2023-35087.
-Fixed lighttpd vulnerability, CVE-2023-35720.
-Fixed several curl vulnerabilities including CVE-2023-28322, CVE-2023-28321, and CVE-2023-28319.
-Fixed FFmpeg vulnerabilities, specifically CVE-2022-3964, CVE-2022-48434, and CVE-2022-3109.
-Fixed openssl vulnerability, CVE-2023-0464.
-Fixed ReadyMedia vulnerabilitym CVE-2020-28926.
-Fixed UPnP vulnerability CVE-2020-12695.
-Patched a command injection vulnerability to improve overall security.
-Strengthened protection against SSH brute force attacks.
Please unzip the firmware file, and then verify the checksum.
SHA256: 4533484803f641f37a10550af620aebf33bd62a69a9519532a8896f8c1e79550
1.Fixed CVE-2022-46871
2.Fixed Client DOM Stored XSS.
3.Improved AiMesh backhaul stability.
4.Fixed AiMesh topology UI bugs.
5.Fixed the reboot issue when assigning specific clients in VPN fusion.
6.Fixed the VPN fusion bug when importing the Surfshark WireGuard conf file.
7.Fixed network map bugs.
8.Fixed WAN link aggregation related bugs.
Please unzip the firmware file first then check the MD5 code.
MD5: 28b5dd481d6b605a71172729d9e7c4c8
1. Improved system stability.
2. Fixed the IPsec VPN compatibility issue with Win10.
3. Fixed the VPN fusion user interface issues under the HTTPS connection.
4. Fixed Client DOM Stored XSS vulnerability.
5. Improved Wireguard performance.
6. Optimized memory usage and improved system stability.
7. Fixed USB HDD compatibility issue with the Time machine.
8. Added a new web GUI login URL http://www.asusrouter.com
9. Fixed IPTV compatibility issue with Movistar. Thanks to Sergio de Luz from RedesZone.net.
10. Fixed VPN fusion, AiMesh, and Network map GUI bugs.
Please unzip the firmware file first then check the MD5 code.
MD5: 35473a28901d60470fe278f3a4b67006
Bug fixes
- Fixed port status UI bugs
- Modified WireGuard VPN server default setting to fix iOS WireGuard app connection issues. If you have iOS connection issues on the previous version(3.0.0.4.388.20518), please upgrade to this version and reset the router.
- Fixed VPN fusion connection issues with Surfshark WireGuard profile.
- Improved the AiMesh stability.
Security
- Fixed HTTP response splitting vulnerability. Thanks to Efstratios Chatzoglou, University of the Aegean.
- Fixed status page HTML vulnerability. Thanks to David Ward.
- Fixed CVE-2018-1160. Thanks to Steven Sroba.
- Fixed cfg_server security issue.
- Fixed CVE-2011-0719, CVE-2012-2812, CVE-2012-2836, CVE-2012-2837, CVE-2012-2841, CVE-2012-3868, CVE-2013-0172, CVE-2013-4124, CVE-2014-3493, CVE-2015-0240, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118, CVE-2016-4425, CVE-2016-6328, CVE-2016-10196, CVE-2018-5743, CVE-2018-13305, CVE-2018-15822, CVE-2018-20030, CVE-2018-1999012, CVE-2019-9278, CVE-2019-17498, CVE-2020-0093, CVE-2020-0182, CVE-2020-12767, CVE-2020-13112, CVE-2020-13113,CVE-2020-13114, CVE-2020-13904,CVE-2020-14323, CVE-2020-20450, CVE-2020-20451, CVE-2020-20891, CVE-2020-20892, CVE-2020-20896, CVE-2020-20898, CVE-2020-21041, CVE-2020-21688, CVE-2020-21697, CVE-2020-22016, CVE-2020-22017, CVE-2020-22020, CVE-2020-22022, CVE-2020-22023, CVE-2020-22025, CVE-2020-22026, CVE-2020-22027, CVE-2020-22028, CVE-2020-22030, CVE-2020-22031, CVE-2020-22032, CVE-2020-22036, CVE-2020-22038, CVE-2020-22039, CVE-2020-22040, CVE-2020-22041, CVE-2020-22042, CVE-2020-22043, CVE-2020-22044, CVE-2020-22046, CVE-2020-22048, CVE-2020-22049, CVE-2020-22051, CVE-2020-22054, CVE-2020-23906, CVE-2022-35401,CVE-2021-38090,CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094, CVE-2021-38114, CVE-2021-38171.
Please unzip the firmware file first then check the MD5 code.
MD5: de21b9c46cb0b1873ba33d965f47cedf
1. Fixed WAN link aggregation UI issue.
2. Improved AiMesh stability.
Please unzip the firmware file first then check the MD5 code.
MD5: a21d19935e3531d5da01ec853b3bf690
Try more on ASUSWRT 2022 with new features at https://asus.click/ASUSWRT2022
1. Supported WireGuard VPN server and client.
2. Supported VPN fusion. It can easily achieve VPN connection to network devices like Smart TV, Game consoles and without installing the VPN client software.
3. Supported new devices connection notification.
4. Supported connection diagnostic on the ASUS router app.
5. Supported Instant Guard 2.0 which helps easily invite family or friends to join the VPN connection.
6. Upgraded parental control and added reward, new scheduler for flexible setting
7. Fixed USB icon issue in port status.
Please unzip the firmware file first then check the MD5 code.
MD5: c5feacf21e1d237f595c7e342b601dcc
1. Fixed CVE-2022-26376
2. Improved system stability
3. Supported Safe Browsing in the router app to filter explicit content from search results. You can set it in the router app --> Devices or Family.
Please unzip the firmware file first then check the MD5 code.
MD5: 6f4a85e10c56e2fc0021001ae723bb04