RT-AX57
BIOS & FIRMWARE
- Driver & Tools
- BIOS & FIRMWARE
- Fixed command injection vulnerability.
- Fixed the ARP poisoning vulnerability. Thanks to the contribution of Xin'an Zhou.
- Fixed code execution in custom OVPN. Thanks to the contrubution of Jacob Baines.
- Fixed the injection vulnerability in AiCloud.
- Fixed stack buffer overflow in lighttpd. Special thanks to Viktor Edstrom.
- Fixed CVE-2023-35720
- Fixed the code execution vulnerability in AiCloud. Thanks to the contribution of chumen77.
- Fixed the XSS and Self-reflected HTML injection vulnerability. Thanks to the contrubution of Redfox Cyber Security.
- Fixed CVE-2024-3079 and CVE-2024-3080. Thanks to the contribution of swing from Chaitin Security Research Lab.
*Please be advised that due to a security upgrade in AiMesh, we strongly recommend against downgrading to previous firmware versions, as this may lead to connection issues. Should you encounter any difficulties, resetting the AiMesh router to its default settings and re-establishing the mesh connection can resolve the problem.
Please unzip the firmware file, and then verify the checksum.
SHA256: e93cf781118c04277b095c8078977dfacd70baed0426bb233be2dcd8d2377c52
Bug Fixes and Enhancements:
- Fixed IPv6 issue on Hinet MOD.
- Resolved OpenVPN server TAP mode issue.
- Fixed ipv6 network service filter not work.
- Fixed the registration failure after reboot when using account based DDNS
Security Fixes:
- Fixed several curl vulnerabilities.
- Fixed FFmpeg vulnerabilities.
- Fixed command Injection Issue after authentication
- Corrected an OpenVPN vulnerability categorized as CWE-134.
- Fixed Stored Cross Site Scripting.
Please unzip the firmware file, and then verify the checksum.
SHA256: 1a27d6573f8ab437352aaffb267bafb4038ae4575b3a1216e82547c2725a48b5
Bug fixes and function modifications:
- Fixed v6plus related issues and added OCN Support.
- Fixed AiMesh node under Ethernet backhaul issues.
- Fixed GUI bugs while searching for AiMesh Node.
Please unzip the firmware file, and then verify the checksum.
SHA256: bacba7f299c348bc5683e08cc3ae33c08b43afce0004b1dff4188cab1c5241e5
Security:
Fixed command injection vulnerabilities
Fixed remove ookla-IPQ956X
Fixed vulnerability in command injection after authentication
Fixed XSS potentially via malformed hostname in DHCP request
Fixed Fixed Stored Cross Site Scriptin
Fixed XSS attack via EXT3 USB in foldername
Fixed ping '-c' parameter in administration Network Tools is validated only on client side
Feature:
Fixed AiMesh related bugs.
Fixed minor GUI bugs.
Please unzip the firmware file, and then verify the checksum.
SHA256: 76f513981aead94bac2b9de73dc72fae2e3b9f8fbf85e6f4b40c3c975e6e0d22
Bug fixes and functionality modifications:
-Resolved the issue with login and password changes.
-Resolved the IPSec VPN connection issues.
-Resolved the Instant Guard connection issues.
-Fixed the issue where Traffic Analyzer sometimes couldn't record data.
-Fixed the time display issue for the preferred upgrade time in the Auto Firmware Upgrade function.
-Fine-tuned the description for port status.
-Enabled DynDNS and No-IP DDNS to use IPv6.
-Fixed AiMesh preferred AP identification in site survey results.
-Updated timezone list for Greenland, Mexico, and Iran.
-Allowed WireGuard Server clients to access the Samba server.
-Fixed memory leak issue.
Security updates:
-Enabled and supported ECDSA certificates for Let's Encrypt.
-Enhanced protection for credentials.
-Enhanced protection for OTA firmware updates.
-Fixed DoS vulnerabilities in firewall configuration pages. Thanks to Jinghe Gao's contribution.
-Fixed DoS vulerabilities in httpd. Thanks to Howard McGreehan.
-Fixed information disclosure vulnerability. Thanks to Junxu (Hillstone Network Security Research Institute) contribution.
-Fixed CVE-2023-28702 and CVE-2023-28703. Thanks to Xingyu Xu(@tmotfl) contribution.
-Fixed null pointer dereference vulnerabilities. Thanks to Chengfeng Ye, Prism Research Group - cse hkust contribution.
Please unzip the firmware file first then check the MD5 code.
MD5: 7f605ba65fe089247ca5eb2e60a05b24
1. Fix AiMesh issues
2. Improve system stability
Please unzip the firmware file first then check the MD5 code.
MD5: 4c352b4271e6af0478e8aa2493c2d2fb
Improved system stability
Please unzip the firmware file first then check the MD5 code.
MD5: 7cd8599f98b7a3100be3757292d4f70c
First release
Please unzip the firmware file first then check the MD5 code.
MD5:b8232c9331c7e42943e6eff8f343d1a6