RT-AX5400
BIOS & FIRMWARE
- Driver & Tools
- BIOS & FIRMWARE
Bug Fixes and Enhancements:
- Enhanced AiMesh Stability.
- Fixed an issue where the Aimesh node information was not being updated in the AiMesh topology.
- Added DS-Lite Support.
- Corrected a display issue in the OpenVPN server that prevented IPv6 settings from showing correctly.
- Enabled Samba access through IPv6.
Security updates:
- Applied patches for CVE-2023-5678 & CVE-2024-0727.
- Addressed CVE-2023-48795 by updating the dropbear SSH server.
- Improved security in OpenVPN custom configuration.
- Updated StrongSwan to version 5.9.13 to address CVE-2023-41913.
- Resolved CVE-2020-13848 by updating libupnp to version 1.3.1.
Please unzip the firmware file, and then verify the checksum.
SHA256: 1b9e01cf8445472bc11aa49e4f5f0d810174bc8de04316fd6411a4e4027a5277
- Resolved guest network connectivity issue on AiMesh nodes when guest network internal access is disabled
Please unzip the firmware file, and then verify the checksum.
SHA256: 29e463b9d7f503709028921fc691727a98849372577c0096940bd3136e3bc093
Bug Fixes and Enhancements:
- Fixed WAN connection issues.
- Fixed v6plus related issues.
- Resolved an issue that caused hostname errors in the DDNS service.
- Resolved OpenVPN server TAP mode issue.
- Added MTU setting for WireGuard client.
- Ensured consistent display of client status on the WireGuard server.
- Enhanced system stability when accessing the WireGuard server with DMZ enabled.
- Improved stability when enabling or disabling the WireGuard server.
- Optimized memory utilization and fixed an occasional server error when registering DDNS with an app.
- Corrected a bug encountered when adding a rule to the network services filter.
Security Fixes:
- Fixed OpenSSL vulnerabilities.
- Upgraded to the latest dropbear version.
- Fixed a stack overflow vulnerability.
Please unzip the firmware file, and then verify the checksum.
SHA256: 38edaf201ac46bf67a3a5bea78e4de844b5ad89a48444b5db91574ebee26e47c
Security:
Fixed command injection vulnerabilities
Fixed remove ookla-IPQ956X
Fixed vulnerability in command injection after authentication
Fixed XSS potentially via malformed hostname in DHCP request
Fixed Fixed Stored Cross Site Scriptin
Fixed XSS attack via EXT3 USB in foldername
Fixed ping '-c' parameter in administration Network Tools is validated only on client side
Feature:
Add OCN Support.
Fixed v6plus related issues.
Fixed AiMesh node under Ethernet backhaul issues.
Fixed GUI bugs while searching for AiMesh Node.
Fixed USB function related issues.
Please unzip the firmware file, and then verify the checksum.
SHA256: 8a89db1044ce95c3fef4d584a31ab72be0b0998efd98c4cf7a7ed5ad4654e5d9
Bug Fixes and Enhancements
- NowTV profile has been added under new IPTV profiles.
- IPTV settings have been updated for better compatibility with Unifi Biz VoIP service.
- Fixed a GUI bug that occurred when adding port range rules in the Network Service Filter.
- Resolved an issue that caused hostname errors in the DDNS service.
Security Fixes
- Fixed several curl vulnerabilities including CVE-2023-28322, CVE-2023-28321, and CVE-2023-28319.
- Fixed FFmpeg vulnerabilities, specifically CVE-2022-3964, CVE-2022-48434, and CVE-2022-3109.
- Corrected an OpenVPN vulnerability categorized as CWE-134.
- Fixed the Hostap vulnerability CVE-2019-10064.
- Patched several command injection vulnerabilities. Thanks to Jincheng Wang from X1cT34m Laboratory of Nanjing University of Posts and Telecommunications
- Strengthened protection against SSH brute force attacks.
Please unzip the firmware file, and then verify the checksum.
SHA256: 5adf37f9515de40134daf48ec6d1e7688bc13a90b7c591dd5c1acaaa7473a236
New feature:
- Built-in Surfshark in VPN Fusion allows you to surf the internet anonymously and securely from anywhere by encrypting connections. Please refer to https://asus.click/SurfsharkVPN
- iPhone/Android USB auto backup WAN allows you to connect your phone to the router’s USB port and use it as an internet source. Please refer to https://asus.click/AutobackupWAN
- DDNS transfer allows you to transfer your ASUS DDNS hostname from your original router to the new one. Please refer to https://asus.click/ASUSDDNS
Bug fixes and functionality modifications:
-Resolved the issue with login and password changes.
-Resolved the IPSec VPN connection issues.
-Resolved the Instant Guard connection issues.
-Fixed the AiCloud login issue after unplugging and plugging the HDD into the USB port.
-Fixed the issue where Traffic Analyzer sometimes couldn't record data.
-Fixed the time display issue for the preferred upgrade time in the Auto Firmware Upgrade function.
-Fine-tuned the description for port status.
-Enabled DynDNS and No-IP DDNS to use IPv6.
-Fixed AiMesh preferred AP identification in site survey results.
-Updated timezone list for Greenland, Mexico, and Iran.
-Modified the USB application option text in dual WAN.
-Allowed WireGuard Server clients to access the Samba server.
-Fixed memory leak issue.
-Enabled the failback function when using the iOS/Android USB backup WAN.
-Enabled wireguard VPN.
Security updates:
-Enabled and supported ECDSA certificates for Let's Encrypt.
-Enhanced protection for credentials.
-Enhanced protection for OTA firmware updates.
-Fixed DoS vulnerabilities in firewall configuration pages. Thanks to Jinghe Gao's contribution.
-Fixed DoS vulerabilities in httpd. Thanks to Howard McGreehan.
-Fixed information disclosure vulnerability. Thanks to Junxu (Hillstone Network Security Research Institute) contribution.
-Fixed CVE-2023-28702 and CVE-2023-28703. Thanks to Xingyu Xu(@tmotfl) contribution.
-Fixed null pointer dereference vulnerabilities. Thanks to Chengfeng Ye, Prism Research Group - cse hkust contribution.
Please unzip the firmware file, and then verify the checksum.
SHA256: cbfc82957b34949878b9c138c8e418820c898d771488075ad8721caac20d189f
Initial firmware release
Please unzip the firmware file first then check the MD5 code.
MD5: 276297e4a291db4880020afc9df17a03