Firmware version 3.0.0.4.388_23285
- Release Note -
New features:
- Built-in Surfshark in VPN Fusion allows you to surf the internet anonymously and securely from anywhere by encrypting connections. Please refer to https://asus.click/SurfsharkVPN
- iPhone/Android USB auto backup WAN allows you to connect your phone to the router's USB port and use it as an internet source. Please refer to https://asus.click/AutobackupWAN
- DDNS transfer allows you to transfer your ASUS DDNS hostname from your original router to the new one. Please refer to https://asus.click/ASUSDDNS
Bug fixes and functionality modifications:
- Resolved the issue with login and password changes.
- Resolved the IPSec VPN connection issues.
- Resolved the Instant Guard connection issues
- Fixed the AiCloud login issue after unplugging and plugging the HDD into the USB port.
- Fixed the issue where Traffic Analyzer sometimes couldn't record data.
- Fixed the time display issue for the preferred upgrade time in the Auto Firmware Upgrade function.
- Fine-tuned the description for port status.
- Enabled DynDNS and No-IP DDNS to use IPv6.
- Fixed AiMesh preferred AP identification in site survey results.
- Updated timezone list for Greenland, Mexico, and Iran.
- Modified the USB application option text in dual WAN.
- Allowed WireGuard Server clients to access the Samba server.
- Fixed memory leak issue.
- Enabled the failback function when using the iOS/Android USB backup WAN.
- The ARP response issue has been resolved, along with the connection issue between the router and the ROG Phone 6 and 7.
- Resolved the issue where the USB path is not displayed on the Media Server page in the AiMesh node
Security updates:
- Enabled and supported ECDSA certificates for Let's Encrypt.
- Enhanced protection for credentials.
- Enhanced protection for OTA firmware updates.
- Fixed DoS vulnerabilities in firewall configuration pages. Thanks to Jinghe Gao's contribution.
- Fixed DoS vulerabilities in httpd. Thanks to Howard McGreehan.
- Fixed information disclosure vulnerability. Thanks to Junxu (Hillstone Network Security Research Institute) contribution.
- Fixed CVE-2023-28702 and CVE-2023-28703. Thanks to Xingyu Xu(@tmotfl) contribution.
- Fixed null pointer dereference vulnerabilities. Thanks to Chengfeng Ye, Prism Research Group-cse hkust contribution.
- Fixed the cfg server vulnerability. Thanks to Swing and Wang Duo from Chaitin Security Research Lab.
- Fixed the vulnerability in the logmessage function. Thanks to Swing and Wang Duo from Chaitin Security Research Lab COss4ck from Bytedance Wuheng Lab, Feixincheng from X1cT34m.
Download link:
- Release Note -
New features:
- Built-in Surfshark in VPN Fusion allows you to surf the internet anonymously and securely from anywhere by encrypting connections. Please refer to https://asus.click/SurfsharkVPN
- iPhone/Android USB auto backup WAN allows you to connect your phone to the router's USB port and use it as an internet source. Please refer to https://asus.click/AutobackupWAN
- DDNS transfer allows you to transfer your ASUS DDNS hostname from your original router to the new one. Please refer to https://asus.click/ASUSDDNS
Bug fixes and functionality modifications:
- Resolved the issue with login and password changes.
- Resolved the IPSec VPN connection issues.
- Resolved the Instant Guard connection issues
- Fixed the AiCloud login issue after unplugging and plugging the HDD into the USB port.
- Fixed the issue where Traffic Analyzer sometimes couldn't record data.
- Fixed the time display issue for the preferred upgrade time in the Auto Firmware Upgrade function.
- Fine-tuned the description for port status.
- Enabled DynDNS and No-IP DDNS to use IPv6.
- Fixed AiMesh preferred AP identification in site survey results.
- Updated timezone list for Greenland, Mexico, and Iran.
- Modified the USB application option text in dual WAN.
- Allowed WireGuard Server clients to access the Samba server.
- Fixed memory leak issue.
- Enabled the failback function when using the iOS/Android USB backup WAN.
- The ARP response issue has been resolved, along with the connection issue between the router and the ROG Phone 6 and 7.
- Resolved the issue where the USB path is not displayed on the Media Server page in the AiMesh node
Security updates:
- Enabled and supported ECDSA certificates for Let's Encrypt.
- Enhanced protection for credentials.
- Enhanced protection for OTA firmware updates.
- Fixed DoS vulnerabilities in firewall configuration pages. Thanks to Jinghe Gao's contribution.
- Fixed DoS vulerabilities in httpd. Thanks to Howard McGreehan.
- Fixed information disclosure vulnerability. Thanks to Junxu (Hillstone Network Security Research Institute) contribution.
- Fixed CVE-2023-28702 and CVE-2023-28703. Thanks to Xingyu Xu(@tmotfl) contribution.
- Fixed null pointer dereference vulnerabilities. Thanks to Chengfeng Ye, Prism Research Group-cse hkust contribution.
- Fixed the cfg server vulnerability. Thanks to Swing and Wang Duo from Chaitin Security Research Lab.
- Fixed the vulnerability in the logmessage function. Thanks to Swing and Wang Duo from Chaitin Security Research Lab COss4ck from Bytedance Wuheng Lab, Feixincheng from X1cT34m.
Download link:
Last edited: