Please unzip the firmware file, and then verify the checksum.
SHA256: 363f1cbb97a9295e27509e3166e83e202c0b3047d40ccc440fbf5197f188f08f

1. Strengthened input validation and data processing workflows to further protect information security.
2. Enhanced AiCloud password protection mechanisms, safeguarding against unauthorized access attempts.
3. Enhanced device security through improved buffer handling in connection features.
4. Refined data handling processes, ensuring secure and accurate information management.
5. Enhanced file access control mechanisms, promoting a more secure operating environment.
6. Strengthened certificate protection, providing enhanced data security.

1.Fixed CVE-2022-46871
2.Fixed Client DOM Stored XSS.
3.Improved AiMesh backhaul stability.
4.Fixed AiMesh topology UI bugs.
5.Fixed the reboot issue when assigning specific clients in VPN fusion.
6.Fixed the VPN fusion bug when importing the Surfshark WireGuard conf file.
7.Fixed network map bugs.

Please unzip the firmware file first then check the MD5 code.
MD5: 0944961845346c4acdef4dad83263dec

1. Supported WireGuard VPN server and client.
2. Supported VPN fusion. It can easily achieve VPN connection to network devices like Smart TV, Game consoles and without installing the VPN client software.
3. Supported new devices connection notification.
4. Supported connection diagnostic on the ASUS router app.
5. Supported Instant Guard 2.0 which helps easily invite family or friends to join the VPN connection.
6. Upgraded parental control and added reward, new scheduler for flexible setting
7. Fixed HTTP response splitting vulnerability. Thanks to Efstratios Chatzoglou, University of the Aegean.
8. Fixed status page HTML vulnerability. Thanks to David Ward.
9. Fixed CVE-2018-1160. Thanks to Steven Sroba.
10. Fixed cfg_server security issue.

Please unzip the firmware file first then check the MD5 code.
MD5: fe235129718e6dd2dbffb67bb67fd110

1. Fixed CVE-2022-0778,CVE-2022-25595, CVE-2022-25596, CVE-2022-25597, CVE-2022-26376
2. Fixed Stored XSS vulnerability.
3. Added 3rd party DNS server list in WAN --> DNS to help users enhance the connection security.
4. Improved system stability.

Please unzip the firmware file first then check the MD5 code.
MD5: f087cdc61f60767f8afbe337a0888c7d

1. Fixed OpenSSL CVE-2022-0778
2. Fixed CVE-2021-34174
3. Added more security measures to block malware.
4. Fixed Stored XSS vulnerability. Thanks to Milan Kyselica of IstroSec.
5. Fixed CVE-2022-23970, CVE-2022-23971, CVE-2022-23972, CVE-2022-23973, CVE-2022-25595, CVE-2022-25596, CVE-2022-25597
6. Added 3rd party DNS server list in WAN --> DNS to help users enhance the connection security.
7. Fixed anomalous 802.11 frame issues.
Thanks to Kari Hulkko and Tuomo Untinen from The Synopsys Cybersecurity Research Center (CyRC). Issue was found by using Defensics Fuzz Testing Tool.


Please unzip the firmware file first then check the MD5 code.
MD5: 6693840d084d08b2146fe347809d0e5a

Security
- Fixed string format stacks vulnerability
- Fixed cross-site-scripting vulnerability
- Fixed informational vulnerability.
Thanks to Howard McGreehan.

-Fixed SQL injection vulnerability
-Fixed json file traversal vulnerability
-Fixed plc/port file traversal vulnerability
-Fixed stack overflow vulnerability
Thanks to HP of Cyber Kunlun Lab

-Fixed authenticated stored XSS vulnerability
Thanks to Luke Walker – SmartDCC

-Fixed LPD denial of service vulnerability
-Fixed cfgserver heap overflow vulnerability
-Fixed cfgserver denial of service vulnerability
Thanks to TianHe from BeFun Cyber Security Lab.

Added more ISP profile
Digi 1 - TM
Digi 2 - TIME
Digi 3 - Digi
Digi 4 - CTS
Digi 5 - ALLO
Digi 6 - SACOFA
Maxis - CTS
Maxis - SACOFA
Maxis - TNB/ALLO

Fixed AiMesh guest network issues.
Fixed DDNS issues where the WAN IP is IPv6
Fixed UI bugs in Administration --> feedback.
Fixed time zone error.
Improved the connection stability.

Please unzip the firmware file first then check the MD5 code.
MD5:2184296fc7065fcb83fcfe4f3062ed8e

1. Fixed Let's encrypt related bugs.
2. Fixed httpd vulnerability
3. Fixed stack overflow vulnerability
4. Fixed DoS vulnerability
Thanks for the contribution of Fans0n、le3d1ng、Mwen、daliy yang from 360 Future Security Labs

Please unzip the firmware file first then check the MD5 code.
MD5:e838d02c11c5d01c9bf14e1ece8e3cfc

This version includes several vulnerability patches.
BusyBox
- CVE-2016-2148
- CVE-2016-6301
- CVE-2018-1000517

cURL
- CVE-2020-8169
- CVE-2019-5481
- CVE-2019-5482
- CVE-2018-1000120
- CVE-2018- 1000300
- CVE-2018-16839

Lighttpd
- CVE-2018-19052

Linux
- CVE-2020-14305
- CVE-2020-25643
- CVE-2019-19052

lldpd
- CVE-2020-27827

Avahi
- CVE-2017-6519

hostapd
- CVE-2021-30004
- CVE-2019-16275

OpenVPN
- CVE-2020-11810
- CVE-2020-15078

wpa
- CVE-2021-30004
- CVE-2021-27803
- CVE-2019-11555
- CVE-2019-9499
- CVE-2019-9498
- CVE-2019-9497
- CVE-2019-9496
- CVE-2019-9495
- CVE-2019-9494
- CVE-2017-13086
- CVE-2017-13084
- CVE-2017-13082
- CVE-2016-4476
- CVE-2015-8041

-Fixed DoS vulnerability from spoofed sae authentication frame. Thanks to Efstratios Chatzoglou, University of the Aegean, Georgios Kambourakis, European Commission at the European Joint Research Centre, and Constantinos Kolias, University of Idaho.
-Fixed envrams exposed issue. Thanks to Quentin Kaiser from IoT Inspector Research Lab contribution.
-Fixed AiMesh web page multi-language issues.
-Fixed Stored XSS vulnerability.
-Fixed CVE-2021-41435, CVE-2021-41436.
Thanks to Efstratios Chatzoglou, University of the Aegean
Georgios Kambourakis, European Commission at the European Joint Research Centre
Constantinos Kolias, University of Idaho.
-Fixed Stack overflow vulnerability. Thanks to Jixing Wang (@chamd5) contribution.
-Fixed information disclosure vulnerability .Thanks to CataLpa from DBappSecurity Co.,Ltd Hatlab and Yao Chen(@ysmilec) of 360 Alpha Lab contribution.

Please unzip the firmware file first then check the MD5 code.
MD5: b352b9a43bfab3d88258d9627919bb4c

1. Fix AiMesh issues.
2. Improve system stability.
3. Fix WAN DNS setting cannot setup LAN side pihole server.
4. Modify few IPTV settings.
5. Add JPNE v6plus support.
6. Add Google assistant support. (ASUS Router app version later than 1.0.0.6.38)

Please unzip the firmware file first then check the MD5 code.
MD5: 0a1bd20817f33749986f52b049afc066

1. Improve system stability.
2. GUI bug fix.

Please unzip the firmware file first then check the MD5 code.
MD5: cf870bfd331ec612cd6be74b97a94741

1.Fixed the FragAttack vulnerability.
2.Fixed DoS vulnerability. Thanks for Tsinghua University NISL's contribution.
3.Improved system stability.
4.Fixed GUI bugs.
5.Security Fixed: CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686

Please unzip the firmware file first then check the MD5 code.
MD5: 02e524f422fbca2b7adf3e37683c5162

Security Fixed:
Fixed CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686

Please be noted this is a quick fix beta version for DNSmasq vulnerabilities. Refer to "Method 2: Update Manually" in https://www.asus.com/support/FAQ/1008000 to update this firmware.

Please unzip the firmware file first then check the MD5 code.
MD5: ae7640ca96afa47fad848ed4a73c2ece

1. AiMesh 2.0
- System optimization: one click in AiMesh to optimize the topology
- System Ethernet backhaul mode, all nodes will only connect by ethernet, all bands will be released for wireless clients.
- System factory default and reboot.
- Client device reconnect, make the device to offline and online again.
- Client device binding to specific AP.
- Guest WiFi on all Mesh nodes (all node need to upgrade to 3.0.0.4.386 firmware)
- Access nodes USB application.

Connection priority and Ethernet backhaul mode introduction
https://www.asus.com/support/FAQ/1044184

How to setup ASUS AiMesh or ZenWiFi Mesh Ethernet backhaul under different conditions
https://www.asus.com/support/FAQ/1044151/

2. New Family interface in ASUS router App.
ASUS Router App for iOS must greater or equal to iOS v1.0.0.5.75
Android version greater or equal to v1.0.0.5.74

3. The unit of the WiFi time scheduler goes to 1 minute.

4. Support IPSec IKE v1 and IKE v2, and you can use the Windows 10 native VPN client program to connect to the router's IPSec VPN server. The Windows 10 new FAQ is in https://www.asus.com/support/FAQ/1033576

5. 2.4 and 5G on the network map could be configured in the same tab.

6. Captcha for login can be disabled in administration -> system.

7. Printer server port can be disabled on the USB app page.

8. Clients which connect to the guest network can be viewed in the network map -->view list --> interface

9. Fixed Let's Encrypt not working properly.

10. Added IPTV supports for specific region.

Please unzip the firmware file first then check the MD5 code.
MD5: 7cfac433f67e34b41e025fae03f69af2

- Fix IPTV issues for specific regions.
- Update language support list for specific regions.
- Improve system stability.
- Minor GUI bug fixes.

Please unzip the firmware file first then check the MD5 code.
MD5: 3b4e0052eec0accbc9d3de6063fe2ff2

- Improve system stability

Please unzip the firmware file first then check the MD5 code.
MD5: 5219003206bf3f15d8d19f161ace4fbb

- Improve system stability.
- Fix AiCloud related issue.

Please unzip the firmware file first then check the MD5 code.
MD5: d9c397788fc0314923d93ebb4460091d

Update Adaptive QoS categories: Help you to prioritize the mission-critical applications
Those people who work-from-home & learn-from-home will greatly benefit from this new feature with optimized streaming experiences.
New Supported Categories & Apps:
- Video conferencing, including Microsoft Teams®, ZOOM®, Skype®, Google Hangouts®, BlueJeans®
- Online learning, including Khan academy®, Udemy®, Coursera®, TED®, VIPKiD®, 51Talk®, XDF®, Xueersi®
- Streaming, including YouTube®, Netflix®, HBO NOW®, Amazon Prime Video®, Disney+®, ESPN®, MLB.com®, iQIY®
- Indoor training, including Zwift®, Peloton®, Onelap®
Stay tuned and more apps are coming to the list soon!

Please unzip the firmware file first and then check the MD5 code.
MD5: 1776dbd144e589f3da054e40a1cddeb8

- Fixed bandwidth limiter issues.
- Fixed setup wizard GUI bugs.
- Supports 2.4G/5GHz uplink OFDMA and 802.11ax MU-MIMO.
- Security Fix: CVE-2019-15126

Please unzip the firmware file first and then check the MD5 code.
MD5: 24f593db43227fc9df8778130697aebf