RT-AC3200 Current Official Firmware Thread (3.0.0.4.382.50624, 180601)

[o-l-a-v]

Rather than creating a new thread every time a new firmware is released for Asus RT-AC3200, I suggest we maintain one thread. This gives us one place to:
- Easily find reports about how previous firmwares functioned, if current is not that great.
- Subscribe to. Don't have to subscribe to a new thread every time a new firmware appears.


Current version
RT-AC3200 Firmware Version 3.0.0.4.382.50624 (2018.06.01)
FW Download
http://dlcdnet.asus.com/pub/ASUS/wireless/RT-AC3200/FW_RT_AC3200_300438250624.ZIP
File Name: FW_RT_AC3200_300438250624.ZIP
MD5: abf338d73547c9502c3fd20e1792486a

GPL Download (Not available yet)
http://dlcdnet.asus.com/pub/ASUS/wireless/RT-AC3200/GPL_RT_AC3200_300438250624.ZIP

Changelog
https://www.asus.com/Networking/RTAC3200/HelpDesk_BIOS/

Spoiler

ASUS RT-AC3200 Firmware version 3.0.0.4.382.50624
- Modified the EULA for DDNS, AiProtection, Adaptive QoS, Traffic Analyzer, Web history, Feedback.
- Added Privacy page in Advanced settings
- Fixed IPv6 bugs
- Modified USB 3.0 related strings.
- Added more protection mechanism for OpenVPN account.


Please unzip the firmware file first then check the MD5 code.
MD5: abf338d73547c9502c3fd20e1792486a

Previous versions:
RT-AC3200 Firmware Version 3.0.0.4.382.50470 (2018.05.15)

Spoiler

FW Download
http://dlcdnet.asus.com/pub/ASUS/wireless/RT-AC3200/FW_RT_AC3200_300438250470.ZIP
File Name: FW_RT_AC3200_300438250470.ZIP
MD5: ab9de584c990985abaef90659446a12c

GPL Download (Not available yet)
http://dlcdnet.asus.com/pub/ASUS/wireless/RT-AC3200/GPL_RT_AC3200_300438250470.ZIP

Changelog
https://www.asus.com/Networking/RTAC3200/HelpDesk_BIOS/

Spoiler

RT-AC3200 Firmware version 3.0.0.4.382.50470
- Improved system stability.
- Fixed XSS vulnerability. Thanks to Yonghui Han of Fortinet's FortiGuard Labs.
- Fixed CVE-2018-8877, CVE-2018-8878, CVE-2018-8879
- Fixed plain text password vulnerability in lighthttpd
- Modified Quick Internet Setup wizard process.
- Main SSID and guest network can hide independently.

Please unzip the firmware file first then check the MD5 code.
MD5: ab9de584c990985abaef90659446a12c

RT-AC3200 Firmware Version 3.0.0.4.382.50010 (2018.01.25)

Spoiler

FW Download
http://dlcdnet.asus.com/pub/ASUS/wireless/RT-AC3200/FW_RT_AC3200_300438250010.ZIP
File Name: FW_RT_AC3200_300438250010.ZIP
MD5: 97f679cef6f1f371141e236a10653879

GPL Download (Not available yet)
http://dlcdnet.asus.com/pub/ASUS/wireless/RT-AC3200/GPL_RT_AC3200_300438250010.ZIP

Changelog
https://www.asus.com/Networking/RTAC3200/HelpDesk_BIOS/

Spoiler

ASUS RT-AC3200 Firmware version 3.0.0.4.382.50010
Security fixed
- Fixed AiCloud XSS vulnerabilities
- Fixed XSS vulnerability. Thanks for Joaquim's contribution.
- Fixed LAN RCE vulnerability. An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
- Fixed remote code execution vulnerability. Thanks to David Maciejak of Fortinet's FortiGuard Labs
- Fixed Smart Sync Stored XSS vulnerabilities. Thanks fo Guy Arazi's contribution.
- Fixed CVE-2018-5721 Stack-based buffer overflow.

Bug fixed
- Fixed CTF related issues
- Fixed AiCloud smart sync issue.
- Fixed client icon modification issue when client name includes special characters.
- Fixed AiCloud smart sync problem.

RT-AC3200 Firmware Version 3.0.0.4.382.19466 (2017.12.08)

Spoiler

FW Download
http://dlcdnet.asus.com/pub/ASUS/wireless/RT-AC3200/FW_RT_AC3200_300438219466.zip
File Name: FW_RT_AC3200_300438219466.zip
MD5: e46e8cfb5bd93116d91c2959e5e5f71f

GPL Download
http://dlcdnet.asus.com/pub/ASUS/wireless/RT-AC3200/GPL_RT_AC3200_300438219466.zip

Changelog
https://www.asus.com/Networking/RTAC3200/HelpDesk_BIOS/

Spoiler

Version 3.0.0.4.382.19466
2017/12/0840.87 MBytes
ASUS RT-AC3200 Firmware version 3.0.0.4.382.19466
Security fixed
- Fixed CVE-2017-14491: DNS - 2 byte heap based overflow
- Fixed CVE-2017-14492: DHCP - heap based overflow
- Fixed CVE-2017-14493: DHCP - stack based overflow
- Fixed CVE-2017-14494: DHCP - info leak
- Fixed CVE-2017-14495: DNS - OOM DoS
- Fixed CVE-2017-14496: DNS - DoS Integer underflow
- Fixed CVE-2017-13704 : Bug collision
- Fixed predictable session tokens, logged user IP validation, Logged-in information disclosure (special thanks for Blazej Adamczyk contribution)
- Fixed web GUI authorization vulnerabilities.
- Fixed AiCloud XSS vulnerabilities
- Improved WiFi stability and performance.

New features
- HDD Hibernation
- URL filter black/white list
- Bandwidth limiter on guest network
- URL filter support https website


Please unzip the firmware file first then check the MD5 code.
MD5: e46e8cfb5bd93116d91c2959e5e5f71f

 

[dead_screem]

This has the exact same change log as 18338 but the Krack fix isn't mentioned anymore... And the new addition of "Improved WiFi stability and performance.". Hopefully I can run without the reboot scheduler now.

Also, I noticed the slow boot time issue and WAN led stuck red issue is fixed.

 

[roblangston]

1day 12hour uptime so far on this firmware, AC-3200, zero issues (probably best wifi stability to date). If you can do the same for the AC-88U, I will be a happy customer. I have gone back to using my AC-3200 over the AC-88U for stability reasons.

 

[tim]

oh yes this is way better than 3.0.0.4_382_18338.

Seems more stable and the GUI bug with the client list is fixed.

 

[st3v3n]

Any indication the 3200's NVRAM was expanded to 128Kb in this build instead of 64Kb? That would definitely be an improvement

 

[roblangston]

Everything is still working fine, although in the log, I get these entries repeated every couple of minutes:-
Dec 10 20:39:37 kernel: br0: port 1(vlan1) received tcn bpdu
Dec 10 20:39:37 kernel: br0: topology change detected, propagating

Does this mean anything to anyone?

 

[st3v3n]

roblangston, perhaps here: https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/12013-17.html

and here: (#2)

https://www.snbforums.com/threads/wireless-restart.8464/

 

[Jwagner010]

Any further updates from folks who have upgraded on any issues and the stability of wifi now that you have been running the new firmware for a week? Was thinking of upgrading this weekend as my current release needs to be rebooted every 4 to 6 weeks as the wifi and port forwarding stop working.

 

[Nigel Jones]

As above .. currently running merlin - 380.82 .. considering whether to try this stock image.....

 

[roblangston]

Everything is still stable for me, 29 devices connected, mixture of 2.4GHz, 5GHz and wired. Going to be sticking with this firmware release for a while. One thing to mention is that I only run one 5GHz channel, I am not sure if that also improves stability.

 

[habskilla]

Take the plunge....This version is working very well

 

[st3v3n]

habskilla, very tempting indeed; any luck yet for measuring the amount of NVRAM in the build? I may need some for myself, and the router. Will hang a bit longer 380.68_4 while you find gents report. I had a total of 11 on WiFi here last summer, but trying to reach roblangston's 29 devices makes one dizzy. Please keep reporting your good experiences. I'll lurk on but am considering reverting when I finish my other project. More than one project and dyslexia kicks in, not good for routers or assisting others. Peace.

 

[o-l-a-v]

Running this fw as access point for about a week now, seems pretty solid. Only thing I'm really missing is merlins stealth mode; to much LED!
Tell me how to measure nvram, and I'll check.

 

[st3v3n]

Olav, On this page, this may be useful in revealing the space on the build, if you use winscp or putty;
https://www.snbforums.com/threads/faq-nvram-and-factory-default-reset.22822/

I'm sure there's a precise command, but it's all I've come up with today.
The nvram show should 'show' the size which should reveal how much NVRAM is used or remaining; not sure since I can't do this myself, so you don't wish to erase the NVRAM while you're looking, the part that follows is if you want to save a text file to a USB or flash drive;

Connect to router over SSH/telnet, and run the following, :nvram show | sort
If you have a USB disk plugged as /mnt/sda1/, then you can save the output to a text file:
nvram show | sort > /mnt/sda1/settings.txt

Be very interesting to see if Asus expanded the size; thanks.

 

[o-l-a-v]

Nvram show | sort shows used and free at the top:
Size: 53737 bytes (77335 left)

 

[st3v3n]

O-L-A_V, thanks for your input, the sum of 131,092 jumped over the magic count of 128,000, so it's double the former stock default of 64,000 The extra space should give OpenVPN tunnels more space to stretch their legs. We don't use Trend or QoS, so this amount of NVRAM is Christmas cheer that's hard to resist. Is your build EU/Norway or English? One gent in Romania said his build was also doing well. I'll set a couple days on my schedule to give this a try. Are you ready for Julenissen? Cheers

 

[o-l-a-v]

The router was bought in Norway, so I guess Eu/Norway? I'll check.

Yeah, I'm totally ready for julenissen, It has almost been a whole year since the last time I saw him!

 

[roblangston]

Small update, now at 10days 22hours 33mins uptime, still zero issues, how very boring. I think this one is going to be a keeper for me unless some major new features get released in a new firmware update.

 

[Murtaza12]

Uptime just over 24 hours, working great so far.
It's fantastic compared to the early builds available for the AC3200.

Rock solid WiFi performance so far on both 2.4 and 5GHz, and the GUI feels less laggy as well.

 

[dead_screem]

router just crashed today with this build since running it when it was first released. WiFi and LAN went down. After power cycling the router, the slow boot issue returned and now persists after every power cycle.. It takes so long for it to boot up fully my wired PC grabs an auto-config IP instead of what the routers DHCP gives out.

*sigh*