What's new

Release Asuswrt-Merlin 386.7 is now available for all models

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
ok then... clean upgrade from 386.7_0 to 386.7_2 on an ax86...

the syslog has calmed down dramatically... and is no longer mumbling to itself like a senile old man at the end of the bar...

Load Averages have dropped back down to 386.5_2 levels, as well...
 
Last edited:
Did you get a message to reboot the router manually at the end of the update process? I'm thinking about this issue:

It did not. Thanks for looking into this.
 
Upgraded and smoothly running on AX88U + AC5300 AiMesh node.

Does anybody know what were the supposed improvements of the radio firmware for AX88U that have had to be downgraded in this latest build? Is that a problem on Asus's side?
My guess it is because of the wireless disconnects people have been reporting. There's another thread on here where 386.7 was causing wireless clients to disconnect for a few seconds on the AX88U. I had to downgrade my firmware to fix it, but now I'm tempted to go back to this recent update.
 
AX86U upgraded from 386.5.2 to 386.7.2.
1. WiFi is stable. I don't see any WiFi disconnects.
2. 160MHz will drop to 80MHz when the router has no 160MHz device connected and there is an 80MHz device connected. When a 160MHz device is connected, the router will automatically return to 160MHz after about 2 minutes. This requires you to set the channel to Auto+DFS. Same as 386.7 , 386.49447 and 386.49599.
3. If I keep a 160MHz device connected, the router's 160MHz is stable.

Thanks for your work.
 
2. 160MHz will drop to 80MHz when the router has no 160MHz device connected and there is an 80MHz device connected. When a 160MHz device is connected, the router will automatically return to 160MHz after about 2 minutes. This requires you to set the channel to Auto+DFS. Same as 386.7 , 386.49447 and 386.49599.
Just curious as to what you're looking at that is showing this changing between 160 to 80 and then back to 160 again?
 
Just curious as to what you're looking at that is showing this changing between 160 to 80 and then back to 160 again?
System Log - Wireless Log - Wireless 5 GHz - Channel: 36/160
 
System Log - Wireless Log - Wireless 5 GHz - Channel: 36/160

So far so good for me but the test will be when I take the work laptop in tomorrow and bring it back to the network Wednesday night.

1658758621949.png
 

Attachments

  • 1658758582718.png
    1658758582718.png
    28.9 KB · Views: 40
So far so good for me but the test will be when I take the work laptop in tomorrow and bring it back to the network Wednesday night.

View attachment 43053
If you disconnect your 160MHz device and keep only that 80MHz device connected, your 5G WiFi should change to XX/80.
"acsd: eth7: NONACSD channel switching to channel spec: XXXXXX (XX/80)" will appear in the syslog.
 
1658764045218.png


10 hours since morning reboot, no issues, no worries.
I can rest the rest of my summer. finally it all works without any further issues.
 
Guys, all the wireless issues, was that only on ax models? I have only ac models running 5_2

Can I safe upgrade to 7_2?
To be honest wireless is specific to everyone's own environment.

Its better for you to upgrade and test it. If you don't like it roll back.
 
Last edited:
Guys, all the wireless issues, was that only on ax models? I have only ac models running 5_2

Can I safe upgrade to 7_2?

My AC86Us have been on 386.7_beta1 since it was released. No issues with disconnects or range. Now upgrading to 386.7_2.
 
Can someone ((or Merlin) advise if the following security fixes are in this _2 build?
Below are from Asus just released firmware for the GT-AXE11000.
Security
- Fixed string format stacks vulnerability
- Fixed cross-site-scripting vulnerability
- Fixed informational vulnerability.
Thanks to Howard McGreehan.

-Fixed SQL injection vulnerability
-Fixed json file traversal vulnerability
-Fixed plc/port file traversal vulnerability
-Fixed stack overflow vulnerability
Thanks to HP of Cyber Kunlun Lab

-Fixed authenticated stored XSS vulnerability
Thanks to Luke Walker – SmartDCC

-Fixed LPD denial of service vulnerability
-Fixed cfgserver heap overflow vulnerability
-Fixed cfgserver denial of service vulnerability
Thanks to TianHe from BeFun Cyber Security Lab.

-Fixed CVE-2021-34174, CVE-2022-23972, CVE-2022-23970, CVE-2022-23971, CVE-2022-23973

CC
 
Now is see 386.7_2 with downgraded radio firmware for GT-ax11000 !
So what's the issue in 386.7 for the radio firmware?
A few users reported connectivity issue with the wireless firmware from 48966, so it was reverted back to the 46065 version.

Is there any difference with the one Asus is using in there latest firmware?
49599 is probably a newer version than 48966, we will have to wait for a new GPL merge to get that driver (or whichever will be current at that time).
 
Just tried. It's not in rescue mode. I'm really not sure what happened.
Flashing power LED indicates it's in rescue mode.
 
Yeah , but I see in changelog only ax drivers are downgraded... Were the ac drivers updated in the .7 release?
No other wireless driver than those indicated in the changelog were changed in 386.7_2.

Can someone ((or Merlin) advise if the following security fixes are in this _2 build?
All the changes are documented in the changelog. There was no new GPL merge in 386.7_2.

That list contains both old and recent fixes. You will have to figure out which of these fixes were already present in 48966, which is the GPL 386.7_2 is using.
 
No other wireless driver than those indicated in the changelog were changed in 386.7_2.


All the changes are documented in the changelog. There was no new GPL merge in 386.7_2.

That list contains both old and recent fixes. You will have to figure out which of these fixes were already present in 48966, which is the GPL 386.7_2 is using.

Merlin,

My bad, those fixes are from Version 3.0.0.4.386.47875 so I assume ALL of those are fixed in the present release?

The NEW Version 3.0.0.4.386.49675 has just these 2:
1. Fixed CVE-2022-0778,CVE-2022-25595, CVE-2022-25596, CVE-2022-25597, CVE-2022-26376
2. Fixed Stored XSS vulnerability.

48966 is in between the 2. Of just the 2 above, are they fixed in the latest build?

CC
 
Status
Not open for further replies.

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top