Release ASUS RT-AC68U Firmware version 3.0.0.4.386_51685 (2024/04/15)

[wol-shiver]

CVE-2024-3080 is listed here:

RT-AC68U - Support

www.asus.com

"- Fixed CVE-2024-3079 and CVE-2024-3080. Thanks to the contribution of swing from Chaitin Security Research Lab."

If you follow the comment thread of my responses, I was not asking about 3080. Thanks all the same.

Colin above answered me as the 0401 was listed under the copvn line.

 

[gdp416]

Any thoughts on why the RT-AC66U B1, which is supposedly the same hardware as the RT-AC68U but in a different form factor, isn't listed as impacted by the security issue?
The most recent firmware for it has the same version number (3.0.0.4.386_51685), but doesn't mention the fixing of those critical CVEs (namely "Fixed CVE-2024-3079 and CVE-2024-3080.").

No idea why it isn't listed, but I am confident that the fix is there for the RT-AC66U B1.

 

[RMerlin]

No idea why it isn't listed, but I am confident that the fix is there for the RT-AC66U B1.

They use the exact same firmware.

 

[gdp416]

For owners of the RT-AC68U and RT-AC66U B1 who had auto updates turned on, but don't follow IT/security news, they won't be protected since auto firmware updates did not work for those models and the April firmware.

 

[andyross]

Just a note that Ars Technica has an article about the Asus vulnerabilities.

High-severity vulnerabilities affect a wide range of Asus router models

Many models receive patches; others will need to be replaced.

arstechnica.com

 

[bennor]

Just a note that Ars Technica has an article about the Asus vulnerabilities.

High-severity vulnerabilities affect a wide range of Asus router models

Many models receive patches; others will need to be replaced.

arstechnica.com

Doesn't seem to be anything new in that article from what was posted (BleepingComputer article) several days ago one page back:
https://www.snbforums.com/threads/a...-0-0-4-386_51685-2024-04-15.89692/post-913294

The seven affected/named routers all have had firmware released for them two to three months ago to patch CVE-2024-3080.

 

[andyross]

Doesn't seem to be anything new in that article from what was posted (BleepingComputer article) several days ago one page back:
https://www.snbforums.com/threads/a...-0-0-4-386_51685-2024-04-15.89692/post-913294

The seven affected/named routers all have had firmware released for them two to three months ago to patch CVE-2024-3080.

This is a sign of wider coverage of the issues and updates. Hopefully, some of this info might trickle down a bit to tech feeds of more regular news services.

 

[banger]

Well 30 days has passed and wifi/mesh is still working. Strange.

 

[jzchen]

Anyone notice the RT-AC68U has entered the EOL list? I'm looking to replace it.

 

[wouterv]

Well 30 days has passed and wifi/mesh is still working. Strange.

Are you complaining about good performance

 

[VANT]

Anyone notice the RT-AC68U has entered the EOL list? I'm looking to replace it.

seriously ???

News - RT-AC68U End of Life Announced by Asus

Sadly, Asus has just announced that the RT-AC68U has been discontinued and has reached end of life. :-( When a product is end-of-life, it means: It is no longer manufactured Its certification will not be renewed Its firmware, utility, website, DM, QSG and manual will not be updated...

www.snbforums.com

 

[wouterv]

Anyone notice the RT-AC68U has entered the EOL list? I'm looking to replace it.

yes:

News - RT-AC68U End of Life Announced by Asus

Sadly, Asus has just announced that the RT-AC68U has been discontinued and has reached end of life. :-( When a product is end-of-life, it means: It is no longer manufactured Its certification will not be renewed Its firmware, utility, website, DM, QSG and manual will not be updated...

www.snbforums.com

That's two.

 

[bennor]

Anyone notice the RT-AC68U has entered the EOL list? I'm looking to replace it.

It appears you missed the post at the top of page 3 (one page back)...
https://www.snbforums.com/threads/a...-0-0-4-386_51685-2024-04-15.89692/post-913294

ASUS warns of critical remote authentication bypass on seven routers including the End of Life RT-AC68U which will not be updated if they follow their policy.

See: https://www.bleepingcomputer.com/ne...al-remote-authentication-bypass-on-7-routers/

I recommend you consider upgrading to the RT-AX86U Pro or another Asus router with 3.0.0.6 series firmware.

Update: The last firmware already mitigated this CVE-2024-3080. But it was added to the release notes after the original release...

There is an entire separate discussion on the RT-AC68U being EOL'd started on May 17th:

News - RT-AC68U End of Life Announced by Asus

Sadly, Asus has just announced that the RT-AC68U has been discontinued and has reached end of life. :-( When a product is end-of-life, it means: It is no longer manufactured Its certification will not be renewed Its firmware, utility, website, DM, QSG and manual will not be updated...

www.snbforums.com

And its mentioned in the first post of the thread that the router is EOL:

Release - ASUS RT-AC68U Firmware version 3.0.0.4.386_51685 (2024/04/15)

ASUS RT-AC68U Firmware version 3.0.0.4.386_51685 Version 3.0.0.4.386_51685 | 98.85 MB | 2024/04/15 Note: This Router is End of Life - this firmware is a bonus apparently. Download...

www.snbforums.com

 

[jzchen]

Yes I am more in the ASUS ROG and Zentalk forum. (Plus I am back in school full time)...

As I understand a representative said (on one of the two I mentioned), they will still make important security updates BUT, my interpretation is that they are not obliged to.

I posted a Looking For post to split a 2 or 3 pack BQ16 Pro. (This is a great excuse to make a significant upgrade). The next to upgrade/replace would be a RP-AX56...

 

[Oniiz86]

It's a bit of a welcome surprise that ASUS has provided an updated GPL 386_52805 according to Merlin's latest 386.14 Beta release as ASUS' latest Official release was based on an older GPL 386_51685, is it most unlikely that we will not see 386_52805 in a firmware release sometime later this year?

 

[RMerlin]

is it most unlikely that we will not see 386_52805 in a firmware release sometime later this year?

GPL archives Asus provides me are generated specifically for me, they do not indicate that there will be any stock firmware based on it. 386 firmware code is still being developed because there are a large number of devices still using it beside those that are EOL.

 

[Bredius88]

My RT-AC68U is a converted TM-AC1900, which runs Asuswrt-Merlin 3004_384.13 from 2019.
Still running fine, currently in Repeater mode (from an RT-AX86U) for only my USB-printer upstairs.
However, I have not been able to update that router with any Asus or Merlin firmware since 2019.

 

[Ant!]

For owners of the RT-AC68U and RT-AC66U B1 who had auto updates turned on, but don't follow IT/security news, they won't be protected since auto firmware updates did not work for those models and the April firmware.

My RT-AC68U got 3.0.0.4.386_51685 (2024/04/15) through auto updates, not sure when.

 

[wouterv]

My RT-AC68U is a converted TM-AC1900, which runs Asuswrt-Merlin 3004_384.13 from 2019.
Still running fine, currently in Repeater mode (from an RT-AX86U) for only my USB-printer upstairs.
However, I have not been able to update that router with any Asus or Merlin firmware since 2019.

Check this:

SNBForums Policy on ASUS TM-AC1900 Conversion Discussion

Further discussion of methods to get around ASUS' lockdown of TM-AC1900 firmware to prevent conversion to RT-AC68U will not be allowed. The main discussion thread has been deleted. Conversations related to defeating the lockdown have been deleted. New threads or Conversations opened on the...

www.snbforums.com

 

[bennor]

Check this:

SNBForums Policy on ASUS TM-AC1900 Conversion Discussion

Further discussion of methods to get around ASUS' lockdown of TM-AC1900 firmware to prevent conversion to RT-AC68U will not be allowed. The main discussion thread has been deleted. Conversations related to defeating the lockdown have been deleted. New threads or Conversations opened on the...

www.snbforums.com

Note what RMerlin indicates in the last post of that thread:
https://www.snbforums.com/threads/s...onversion-discussion.46018/page-5#post-859127

After discussing it with @thiggins, we agreed that at this point, considering this device has long been EOL, it was time to drop this rule. If people can find ways to avoid TM-AC1900 from ending up as e-waste, then it's a Good Thing, and as this is an 8 years old device, I doubt either T-Mobile or Asus would complain.

That being said, one thing stays unchanged: that device is NOT support by Asuswrt-Merlin, and anyone trying to get things to work on it is entirely on their own, as I won't waste my time (or the community's time) trying to help people figure out issues that are caused by Asus's undisclosed protection measures they might have in place.

I will be unsticking this thread inf a few days.