What's new

Release ASUS RT-AC86U Firmware version 3.0.0.4.386_51925 (2024/03/29)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

lepicane

Occasional Visitor
Just when I thought it was EOL and switched to Merlin....

Version 3.0.0.4.386_51925
66.2 MB
2024/03/29
- Fixed command injection vulnerability.
- Fixed the ARP poisoning vulnerability. Thanks to the contribution of Xin'an Zhou.
- Fixed code execution in custom OVPN. Thanks to the contrubution of Jacob Baines.
- Fixed the injection vulnerability in AiCloud.
- Fixed stack buffer overflow in lighttpd. Special thanks to Viktor Edstrom.
- Fixed CVE-2023-35720
- Fixed the code execution vulnerability in AiCloud. Thanks to the contribution of chumen77.
- Fixed the XSS and Self-reflected HTML injection vulnerability. Thanks to the contrubution of Redfox Cyber Security.

*Please be advised that due to a security upgrade in AiMesh, we strongly recommend against downgrading to previous firmware versions, as this may lead to connection issues. Should you encounter any difficulties, resetting the AiMesh router to its default settings and re-establishing the mesh connection can resolve the problem.

Please unzip the firmware file, and then verify the checksum.
SHA256: f092a5b2a59a2ac6068dc219688d326d26115e97dfc97d64ad1b1cec515788f7

Download
 
Excellent news for RT-AC86U owners! 👍
 
1711759603053.jpeg
 
Rats! Just spoiled 233 days up time!

(At a friends house)
 
It would be best if you read all the entries, particularly the one which includes the GPL version used.

From the link you quoted:

386.12 (4-Sept-2023)
- UPDATED: Merged with GPL 386_51997.
- UPDATED: curl to 8.1.2.
- UPDATED: OpenVPN to 2.6.6.
- UPDATED: openssl to 1.1.1u.
- UPDATED: tor to 0.4.7.13.
- CHANGED: FTP server will now only support strong ciphers
in TLS mode.
- FIXED: QOS Classification showing no Upload data on some
WAN configurations.
- FIXED: Radio temperature graphs weren't updating
- FIXED: nvram usage reported on Sysinfo page was inaccurate
as it included JFFS stored values.
 
Anyone else having the router not detect this upgrade? I can download the zip file from the Asus web site but the router I manage is on a very s l o w Comcast service and I'm hesitant to try a flash over OpenVPN.
 
Anyone else having the router not detect this upgrade? I can download the zip file from the Asus web site but the router I manage is on a very s l o w Comcast service and I'm hesitant to try a flash over OpenVPN.
my 86u also not detect this update. I do this manually.
 
To the mod who deleted my post -- my findings suggest a bug in this very firmware version!

Summary follows:

I recently updated firmware on my AiMesh router and node to get the latest security fixes:

ASUS RT-AC86U Firmware version 3.0.0.4.386_51925
ASUS RT-AC66U B1 Firmware version 3.0.0.4.386_51685

The router no longer shows the node in the admin screen and the node says it can not connect to the router. If I try to add the node it can be found and starts to add but then fails. The node is left searching for the router (indicating the router is somehow not allowing connection).

I downgraded the RT-AC86U router to Firmware version 3.0.0.4.386_51915 (leaving the ASUS RT-AC66U B1 on Firmware version 3.0.0.4.386_51685) and the AC66U_B1 node came back.

tldr; There is some compatibility problem with the AiMesh security update in ASUS RT-AC86U Firmware version 3.0.0.4.386_51925.
 
Last edited:

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top