Release ASUS RT-AC86U Firmware 3.0.0.4.386.46092 2022/03/03

[OzarkEdge]

Version 3.0.0.4.386.46092
2022/03/03 62.74 MBytes

ASUS RT-AC86U Firmware version 3.0.0.4.386.46092
Security
- Fixed string format stacks vulnerability
- Fixed cross-site-scripting vulnerability
- Fixed informational vulnerability.
Thanks to Howard McGreehan.

-Fixed SQL injection vulnerability
-Fixed json file traversal vulnerability
-Fixed plc/port file traversal vulnerability
-Fixed stack overflow vulnerability
Thanks to HP of Cyber Kunlun Lab

-Fixed authenticated stored XSS vulnerability
Thanks to Luke Walker – SmartDCC

-Fixed LPD denial of service vulnerability
-Fixed cfgserver heap overflow vulnerability
-Fixed cfgserver denial of service vulnerability
Thanks to TianHe from BeFun Cyber Security Lab.

-Fixed CVE-2021-34174, CVE-2022-23972, CVE-2022-23970, CVE-2022-23971, CVE-2022-23973

Added more ISP profile
Digi 1 - TM
Digi 2 - TIME
Digi 3 - Digi
Digi 4 - CTS
Digi 5 - ALLO
Digi 6 - SACOFA
Maxis - CTS
Maxis - SACOFA
Maxis - TNB/ALLO

Fixed AiMesh guest network issues.
Fixed DDNS issues where the WAN IP is IPv6
Fixed UI bugs in Administration --> feedback.
Fixed time zone error.
Improved the connection stability.
Fixed IPSecVPN issues.

Please unzip the firmware file first then check the MD5 code.
MD5:a1fec62f9b680833512bb6f7e2b5c2c7

RT-AC86U - Review｜WiFi Routers｜ASUS USA

OE

 

[bbunge]

About time!

 

[DarkKnight75]

back to merlin 386.5 for my AC86U...

 

[heywire]

back to merlin 386.5 for my AC86U...

Why? Explain...

 

[heywire]

When can we expect the contents/improvements of this release to hit the Merlin branch? Since the latter was released before the this official version, I suspect there is some delay. Or is Merlin 386.5 considered the equivalent of this version?

 

[DarkKnight75]

When can we expect the contents/improvements of this release to hit the Merlin branch? Since the latter was released before the this official version, I suspect there is some delay. Or is Merlin 386.5 considered the equivalent of this version?

Yes should be the equivilant..you can see the changelong on merlin download website...mainly for improved web gui interface and other fixes.

 

[maxbraketorque]

About time!

Yeah, seemed like it was never going to happen.

 

[bbunge]

Pleased to report my remote AC86U upgraded itself overnight with no apparent problems.

 

[Darkje]

Loadbalancing also broken.

 

[FernandoF]

Loadbalancing also broken.

Could you please elaborate? What specifically worked before and is not working anymore? Thanks in advance.

 

[Darkje]

Could you please elaborate? What specifically worked before and is not working anymore? Thanks in advance.

It has never worked. Lots off topics here eleborate on this issue.

 

[OzarkEdge]

It has never worked. Lots off topics here eleborate on this issue.

So, still broken and not noted as fixed in the release notes.

OE

 

[FernandoF]

Thanks @Darkje and @OzarkEdge for your replies. My point in asking is that I've been successfully using Load Balancing for a few months -- it does work pretty well for my use case. Of course, my use case may be different than yours. So what I wanted to understand was whether there was an observed CHANGE in the LB behavior. Apparently that's not the case.

Does that sound like an accurate summary? Thank you.

 

[OzarkEdge]

Thanks @Darkje and @OzarkEdge for your replies. My point in asking is that I've been successfully using Load Balancing for a few months -- it does work pretty well for my use case. Of course, my use case may be different than yours. So what I wanted to understand was whether there was an observed CHANGE in the LB behavior. Apparently that's not the case.

Does that sound like an accurate summary? Thank you.

Sounds reasonable. I've never tried it.

OE

 

[Andy1932]

There goes my 97 day uptime...

 

[Darkje]

So, still broken and not noted as fixed in the release notes.

OE

You mean the sentence improved connection stability?

 

[OzarkEdge]

You mean the sentence improved connection stability?

No telling what that sentence means.

I think something as specific as load balancing being broken would be noted as fixed in the release notes, if they fixed it. Apparently it works for some and not for others which suggests it may never be fixed.

OE

 

[Darkje]

No telling what that sentence means.

I think something as specific as load balancing being broken would be noted as fixed in the release notes, if they fixed it. Apparently it works for some and not for others which suggests it may never be fixed.

OE

He he, agree. But to be honest i bought a Ac86u and i got a broken GT-AC2900 (fixxed now) and i really bought them for the dualwan function and even the wan aggregation on the GT version.
The dual wan function is in fallback workable. And in Dual Wan Balancing mode really on workable. If you define a ip to a one (using only one wan at the time al is ok) as soon as you want a client to use both to speed up download ore something. It has all kind of issues. This is simply a non working state. For everyone.

 

[bitsbytes]

Fixed time zone error.

Yes.... I thought my router was living in the past and didn't know what year is it anymore .

Just did a dirty update, here's hoping this release is a good one.

 

[cesarleeds]

They fixed DDNS.

My no-ip account stopped working on 3.0.0.4.386.45956, now it´s all good.