- Fixed CVE-2019-15126 (Kr00k) vulnerability.

Please unzip the firmware file first and then check the MD5 code.
MD5: 2fcb1ac3a959d4f720b1c251d37f0c79

- Improved system stability.
- Fixed XSS vulnerability. Thanks to Yonghui Han of Fortinet's FortiGuard Labs.
- Fixed CVE-2018-8877, CVE-2018-8878, CVE-2018-8879
- Modified Quick Internet Setup wizard process.


Please unzip the firmware file first then check the MD5 code.
MD5: 0ef72876e9264fccc061dbeb2bc5ab2a

Release note
- Fixed information disclosure vulnerability. Thanks to Haitan Xiang and Fand Wang.
- Fixed CVE-2018-5721 Stack-base buffer overflow vulnerability
- Fixed CVE-2018-8826 remote code code execution vulnerability. Thanks to Chris Wood.
- Fixed CVE-2018-5999 HTTP authorization bypass and CVE-2018-6000. An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
-Fixed remote code execution vulnerability. Thanks to David Maciejak of Fortinet's FortiGuard Labs
- Fixed CVE-2017-14491: DNS - 2 byte heap based overflow
- Fixed CVE-2017-14492: DHCP - heap based overflow
- Fixed CVE-2017-14493: DHCP - stack based overflow
- Fixed CVE-2017-14494: DHCP - info leak
- Fixed CVE-2017-14495: DNS - OOM DoS
- Fixed CVE-2017-14496: DNS - DoS Integer underflow
- Fixed CVE-2017-13704: Bug collision


Please unzip the firmware file first then check the MD5 code.
MD5: 32397c9833eb4ee62b2bb9b8f69deb28

Security fixed
- Fixed KRACK vulnerability
- Fixed CVE-2017-14491: DNS - 2 byte heap based overflow
- Fixed CVE-2017-14492: DHCP - heap based overflow
- Fixed CVE-2017-14493: DHCP - stack based overflow
- Fixed CVE-2017-14494: DHCP - info leak
- Fixed CVE-2017-14495: DNS - OOM DoS
- Fixed CVE-2017-14496: DNS - DoS Integer underflow
- Fixed CVE-2017-13704 : Bug collision
- Fixed predictable session tokens, logged user IP validation, Logged-in information disclosure (special thanks for Blazej Adamczyk contribution)
- Fixed web GUI authorization vulnerabilities.


Please unzip the firmware file first then check the MD5 code.
MD5: 27e5baf1ce1b286208552692aebe67bb

Security fixed
- Fixed CVE-2017-5891.
- Fixed CVE-2017-5892.
- Fixed CVE-2017-6547.
- Fixed CVE-2017-6549.
- Fixed CVE-2017-6548.
- Added log message for brute force attack.

Bug fixed
- Fixed UI issue when using Chrome 56.


Please unzip the firmware file first then check the MD5 code.
MD5: 6dbb9cbed7563e29f0be852e1b2c5c6e

Security related
- Updated OpenSSL library to 1.0.2j to fix security issues.
- Updated Dropbear SSH to 2016.74 to fixe security issues.
- Fixed a security vulnerability regarding XSS.
- Fixed a security vulnerability regarding CSRF.
- Added protection for Brute-force attack.

Bug fixed
- Fixed Chrome, Edge and IE compatibility issues.
- Fixed quick internet setting wizard compatibility issues.

Modified
- Supported Google DDNS support .
- Modified the Quick Internet Setting wizard behavior to enhance compatibility.

MD5: 79f180c87b6a54a5e0f5be10cdcfbe47

[Beta release]
Security fixes:
- Restricted access from wan method to enhance security.
- Changed Telnet default access interface.

New Features
- Support ASUS Router App

Bug fixes
- Fixed setup wizard IE compatibility issue.
- Fixed IPTV GUI issue
- Fixed view list in network map cannot be closed.
- Fixed network map device icon issue
- Fixed client list name cannot be changed issue.
- Fixed Reboot Scheduler issue under AP mode

Security fixes:
- Fixed User-Agent buffer overflow.
- Fixed null ptr dereference in https issue.
- Fixed buffer overflow issues.
- Modified brute-force protection mechanism in router login page.

New Features
- Added Bandwidth Limiter in QoS. Let administrator easily limit specific client's upload/ download bandwidth
- Independent mac filter for main wireless network and guest network. Administrator can set white list for main wireless network to only allow trust client connect to main wireless network and share network to guest with guest network
- Modified the network map client status. When chick the client icon, administrator can bind IP, change host name, change icon, block internet access or set time scheduling.

Modifications
- Adjusted Guest network mac filter maximum client number to 16
- Allow paste password on login page to fulfill some password management software requirement.
- Show current control channel while value is auto.
- Bandwidth limiter can accept decimal point.
- Unnecessary to reboot router after set allow only spcified IP address to enter GUI.
- Changed warning page style.

Bug fixes
- Fixed setup wizard IE11 compatibility issue.
- Fixed MAC clone abnormal issue
- Fixed web redirection issue when WAN IP conflicted.
- Fixed compatibility issues for IE8
- Fixed GUI related issues
- Fixed login issue when router’s IP is 10.x.x.x
- Fixed parental control-> time scheduling related issue.
- Fixed IPv6 relay issues.

-Fixed infosvr security issue.
-Fixed Cross-site request forgery security issue

Network map new features:
- Click the lock icon in client profile to assign fixed IP for client.
- Added number on client icon to show how many clients connect to repeater and AP under router
- Added the DHCP and static IP identification.
Known issue. If the IP is fixed in client side, Network map would show DHCP.

Others
- Fixed NAT loopback issue.
- Fixed the NTP sync issue in AP mode
- Fixed multiple user interface issues

If your router firmware version is 2.1.1.1.x, you could upload firmware version 3.0.0.4.374.813 directly.

1. Fixed DNS amplification DDoS attack related issues.