What's new

Release ASUS RT-AC68U Firmware version 3.0.0.4.386.49703 (07-20-2022)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Intrepid

Regular Contributor
ASUS RT-AC68U Firmware version 3.0.0.4.386.49703
1. Fixed CVE-2018-1160, CVE-2022-26376.
2. Improved system stability.
3. Added 3rd party DNS server list in WAN --> DNS to help users enhance the connection security.

Please unzip the firmware file first then check the MD5 code.
MD5: df22d37f18b8595d953dafd14da92b74
2022/07/20 95.32 MBytes

Download: https://www.asus.com/supportonly/RT-AC68U/HelpDesk_BIOS/
 
Strange, if I go through the main Asus.com website (US) and navigate through to the support page for the RT-AC68U it doesn't show that new firmware. Shows: Version 3.0.0.4.386.48262 - 2022/03/25. Guess they're slow in propagating the update through their site(s).

Edit to add: Checking from within a family member's RT-AC68U shows newer firmware: 3.0.0.4.386_49703-gc2cdfc8, but the release notes that is displayed are for the previous firmware:
Firmware version 3.0.0.4.386_48262
- Release Note -
Bug Fixes and Enhancements:
1. Fixed OpenSSL CVE-2022-0778
2. Added more security measures to block malware.
3. Fixed Stored XSS vulnerability.
Thanks to Milan Kyselica of IstroSec.
4. Fixed CVE-2022-23970, CVE-2022-23971, CVE-2022-23972, CVE-2022-23973, CVE-2022-CVE-2022-25595, CVE-2022-25596, CVE-2022-25596,
5. Added 3rd party DNS server list in WAN --> DNS to help users enhance the connection security.
 
Last edited:
Strange, if I go through the main Asus.com website (US) and navigate through to the support page for the RT-AC68U it doesn't show that new firmware. Shows: Version 3.0.0.4.386.48262 - 2022/03/25. Guess they're slow in propagating the update through their site(s).

Edit to add: Checking from within a family member's RT-AC68U shows newer firmware: 3.0.0.4.386_49703-gc2cdfc8, but the release notes that is displayed are for the previous firmware:
Firmware version 3.0.0.4.386_48262
- Release Note -
Bug Fixes and Enhancements:
1. Fixed OpenSSL CVE-2022-0778
2. Added more security measures to block malware.
3. Fixed Stored XSS vulnerability.
Thanks to Milan Kyselica of IstroSec.
4. Fixed CVE-2022-23970, CVE-2022-23971, CVE-2022-23972, CVE-2022-23973, CVE-2022-CVE-2022-25595, CVE-2022-25596, CVE-2022-25596,
5. Added 3rd party DNS server list in WAN --> DNS to help users enhance the connection security.

On the US site, I often try Drivers & Tools\OS 'others' and find it listed:

RT-AC68U|WiFi Routers|ASUS USA

Clean installed and checked out ok here... now back on the shelf.

OE
 
Last edited:
Currently using the Asus firmware restoration tool after attempting to apply this update.

Was able to find, download, and begin the update process from the web interface. After the process appeared to complete, it instructed me to manually reset the router. After boot up the wifi networks did not turn on, and when connected by ethernet I was unable to access the internet or the router's web interface.

The firmware restoration keeps resetting at 40-ish percent, and fails to restore after several attempts. I think I'll need to do a factory reset soon, as this appears to be going no where.
 
After the process appeared to complete, it instructed me to manually reset the router.

This manual reboot (not reset) message bugged a lot of routers. The message is coming automatically after set time with no communication with the router, but the router is still not ready. Manual reboot is interrupting the firmware update process. This is pretty serious Asuswrt bug and has to be fixed. It happens to someone every time a new firmware is available.
 
This manual reboot (not reset) message bugged a lot of routers. The message is coming automatically after set time with no communication with the router, but the router is still not ready. Manual reboot is interrupting the firmware update process. This is pretty serious Asuswrt bug and has to be fixed. It happens to someone every time a new firmware is available.

Yep, bugged for following instructions rather than paying attention and thinking for myself.

Fortunately the factory reset appears to be a success, so at least it's not bricked. Though I'm kicking myself for not exporting a settings file now.
 
Without issues I updated the RT-AC68U Router and RT-AC1900U Media Bridge online through the Firmware Upgrade page.
Both came back online after a while, I didn't perform a manual reboot.
 
dirty upgrade my AC-68U node, and now no problem with wireless backhaoul.
 
Installed on a mesh with 3 ac68s with one of them as main node and everything appears to be working well. I was actually preparing these routers to sell to a friend when the fw released and I had to redo everything again since I didn't want to send them to him with dirty flashes.

I hope they remain stable once he installs them lol.
 
Fixed CVE-2018-1160
If i understand this correctly, this security issue was reoported back in 2018, and not fixed until now? Is that correct? Isn’t that a bit worrysome, that a known security issue is open for four years before it’s patched? Is it normal to take take that long?
 
Man, that was a long wait!

OE
two months, but now work fine :)
1658599471740.png
 
Something very weird happened with this FW. I sold 3 of my old ac68u to a friend and I flashed the 3 units with this FW, wiped the settings, configured the main node with the network settings he wanted and added the other 2 routers as aimesh nodes.

I sent him the routers and was expecting a plug and play experience but he didn't have internet. After checking things up I noticed the dhcp didn't define a gateway ip and when he went to check the dhcp settings in the main router the gateway address was indeed empty.

This is very weird why out of the box the gateway ip became empty (I left the default dhcp settings since he didn't have any special requirements regarding it).
 
dhcp settings in the main router the gateway address was indeed empty

The one in LAN, DHCP Server is empty by Default. That means default LAN IP is used. Nothing wrong here.

was expecting a plug and play experience but he didn't have internet

If he has different type Internet connection than yours, he won't have Internet until the WAN is set properly.
 
Last edited:
No, default gateway setting in dhcp is always set to the main router's own local ip by default and it's the first time I found it empty. We both use the same internet/network setup with our ISP (which is the same) fiber modem in bridge mode and using the bridge lan port from the modem to the wan port. I lost count on how many settings reset I did on my own main router and this is the 1st time that specific setting stayed empty.

EDIT: now that I think of it I had internet when I was setting up the routers before sending them to him and the pc I was using doesn't have manual IP and is using DHCP which makes this issue even weirder. I only configured wifi related stuff and added the aimesh nodes and never touched DHCP settings. I really can't understand why and how the dhcp settings got messed up.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top