What's new

Release ASUS RT-AC68U Firmware version 3.0.0.4.386_51685 (2024/04/15)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

CVE-2024-3080 is listed here:
"- Fixed CVE-2024-3079 and CVE-2024-3080. Thanks to the contribution of swing from Chaitin Security Research Lab."
If you follow the comment thread of my responses, I was not asking about 3080. Thanks all the same.

Colin above answered me as the 0401 was listed under the copvn line.
 
Any thoughts on why the RT-AC66U B1, which is supposedly the same hardware as the RT-AC68U but in a different form factor, isn't listed as impacted by the security issue?
The most recent firmware for it has the same version number (3.0.0.4.386_51685), but doesn't mention the fixing of those critical CVEs (namely "Fixed CVE-2024-3079 and CVE-2024-3080.").
No idea why it isn't listed, but I am confident that the fix is there for the RT-AC66U B1.
 
No idea why it isn't listed, but I am confident that the fix is there for the RT-AC66U B1.
They use the exact same firmware.
 
For owners of the RT-AC68U and RT-AC66U B1 who had auto updates turned on, but don't follow IT/security news, they won't be protected since auto firmware updates did not work for those models and the April firmware.
 
Just a note that Ars Technica has an article about the Asus vulnerabilities.
Doesn't seem to be anything new in that article from what was posted (BleepingComputer article) several days ago one page back:
https://www.snbforums.com/threads/a...-0-0-4-386_51685-2024-04-15.89692/post-913294

The seven affected/named routers all have had firmware released for them two to three months ago to patch CVE-2024-3080.
 
Doesn't seem to be anything new in that article from what was posted (BleepingComputer article) several days ago one page back:
https://www.snbforums.com/threads/a...-0-0-4-386_51685-2024-04-15.89692/post-913294

The seven affected/named routers all have had firmware released for them two to three months ago to patch CVE-2024-3080.
This is a sign of wider coverage of the issues and updates. Hopefully, some of this info might trickle down a bit to tech feeds of more regular news services.
 
Well 30 days has passed and wifi/mesh is still working. Strange.
 
Anyone notice the RT-AC68U has entered the EOL list? I'm looking to replace it.
seriously ???
 
Anyone notice the RT-AC68U has entered the EOL list? I'm looking to replace it.
yes:
That's two.
 
Anyone notice the RT-AC68U has entered the EOL list? I'm looking to replace it.
It appears you missed the post at the top of page 3 (one page back)...
https://www.snbforums.com/threads/a...-0-0-4-386_51685-2024-04-15.89692/post-913294
ASUS warns of critical remote authentication bypass on seven routers including the End of Life RT-AC68U which will not be updated if they follow their policy.

See: https://www.bleepingcomputer.com/ne...al-remote-authentication-bypass-on-7-routers/

I recommend you consider upgrading to the RT-AX86U Pro or another Asus router with 3.0.0.6 series firmware.

Update: The last firmware already mitigated this CVE-2024-3080. But it was added to the release notes after the original release...
There is an entire separate discussion on the RT-AC68U being EOL'd started on May 17th:
And its mentioned in the first post of the thread that the router is EOL:
 
Yes I am more in the ASUS ROG and Zentalk forum. (Plus I am back in school full time)...

As I understand a representative said (on one of the two I mentioned), they will still make important security updates BUT, my interpretation is that they are not obliged to.

I posted a Looking For post to split a 2 or 3 pack BQ16 Pro. (This is a great excuse to make a significant upgrade). 🙂 The next to upgrade/replace would be a RP-AX56...
 
It's a bit of a welcome surprise that ASUS has provided an updated GPL 386_52805 according to Merlin's latest 386.14 Beta release as ASUS' latest Official release was based on an older GPL 386_51685, is it most unlikely that we will not see 386_52805 in a firmware release sometime later this year?
 
is it most unlikely that we will not see 386_52805 in a firmware release sometime later this year?
GPL archives Asus provides me are generated specifically for me, they do not indicate that there will be any stock firmware based on it. 386 firmware code is still being developed because there are a large number of devices still using it beside those that are EOL.
 
My RT-AC68U is a converted TM-AC1900, which runs Asuswrt-Merlin 3004_384.13 from 2019.
Still running fine, currently in Repeater mode (from an RT-AX86U) for only my USB-printer upstairs.
However, I have not been able to update that router with any Asus or Merlin firmware since 2019.
 
For owners of the RT-AC68U and RT-AC66U B1 who had auto updates turned on, but don't follow IT/security news, they won't be protected since auto firmware updates did not work for those models and the April firmware.
My RT-AC68U got 3.0.0.4.386_51685 (2024/04/15) through auto updates, not sure when.
 
My RT-AC68U is a converted TM-AC1900, which runs Asuswrt-Merlin 3004_384.13 from 2019.
Still running fine, currently in Repeater mode (from an RT-AX86U) for only my USB-printer upstairs.
However, I have not been able to update that router with any Asus or Merlin firmware since 2019.
Check this:
 
Check this:
Note what RMerlin indicates in the last post of that thread:
https://www.snbforums.com/threads/s...onversion-discussion.46018/page-5#post-859127
After discussing it with @thiggins, we agreed that at this point, considering this device has long been EOL, it was time to drop this rule. If people can find ways to avoid TM-AC1900 from ending up as e-waste, then it's a Good Thing, and as this is an 8 years old device, I doubt either T-Mobile or Asus would complain.

That being said, one thing stays unchanged: that device is NOT support by Asuswrt-Merlin, and anyone trying to get things to work on it is entirely on their own, as I won't waste my time (or the community's time) trying to help people figure out issues that are caused by Asus's undisclosed protection measures they might have in place.

I will be unsticking this thread inf a few days.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top