Release RT-AX68U Firmware version 3.0.0.4.386_45911 (2021/10/25)

[MrAsusIsBack]

ASUS RT-AX68U Firmware version 3.0.0.4.386.45911
This version includes several vulnerability patches.
BusyBox
- CVE-2016-2148
- CVE-2016-6301
- CVE-2018- 1000517
cURL
- CVE-2020-8169
- CVE-2019-5481
- CVE-2019-5482
- CVE-2018-1000120
- CVE-2018- 1000300
- CVE-2018-16839
Lighttpd
- CVE-2018-19052
Linux
- CVE-2020-14305
- CVE-2020-25643
- CVE-2019-19052
lldpd
- CVE-2020-27827
Avahi
- CVE-2017-6519
hostapd
- CVE-2021-30004
- CVE-2019-16275
OpenVPN
- CVE-2020-11810
- CVE-2020-15078
wpa
- CVE-2021-30004
- CVE-2021-27803
- CVE-2019-11555
- CVE-2019-9499
- CVE-2019-9498
- CVE-2019-9497
- CVE-2019-9496
- CVE-2019-9495
- CVE-2019-9494
- CVE-2017-13086
- CVE-2017-13084
- CVE-2017-13082
- CVE-2016-4476
- CVE-2015-8041

2.Fixed Let's encrypt issues.
3.Fixed Stored XSS vulnerability.
4.Fixed CVE-2021-41435, CVE-2021-41436.
Thanks to Efstratios Chatzoglou, University of the Aegean
Georgios Kambourakis, European Commission at the European Joint Research Centre
Constantinos Kolias, University of Idaho.
5.Fixed Stack overflow vulnerability. Thanks to Jixing Wang (@chamd5) contribution.
6.Fixed information disclosure vulnerability .Thanks to CataLpa from DBappSecurity Co.,Ltd Hatlab and Yao Chen(@ysmilec) of 360 Alpha Lab contribution.
7. Fixed WAN DNS setting cannot setup LAN side pihole server.
8. Fixed DoS vulnerability from spoofed sae authentication frame. Thanks for Efstratios Chatzoglou, University of the Aegean, Georgios Kambourakis, European Commission at the European Joint Research Centre, and Constantinos Kolias, University of Idaho.
9. Fixed envrams exposed issue. Thanks to Quentin Kaiser from IoT Inspector Research Lab contribution.

Please unzip the firmware file first then check the MD5 code.
MD5: 0eb15e1ddeaafad0d2cee4e7d7b26e96

https://dlcdnets.asus.com/pub/ASUS/wireless/RT-AX68U/FW_RT_AX68U_300438645911.zip

 

[MrAsusIsBack]

Experience in ROUTER-Mode: No
Experience in AP-Mode: Update without any issues and runs stable since 4 days
Experience in NODE-Mode:
I use also one RT-AX68U as Node. Here is the same problem as before that he only works if both radios are enabled. If only 5GHz radio is used in Node-Mode the RT-AX68U is going crazy and switch on or off both radios and at least no radio will work.
I do extra switch to fixed 80MHz and use a fixed channel (no DFS channel), but this also does't help as before. I still hoped that this issue would be fixed.
I don't want to tell how often i contact Asus about this issue, the only answer in every different way was to reset the router via WPS etc.
My RT-AX58U running well as node in each config.
But at all my RT-AX68U has the best coverage (6dB-8dB more signal strenght) than my RT-AX86U. (if i compare at the same place).

 

[sturmstar]

Is this legit? I'm asking because there is still no sign on the Asus Websites and my router doesn't offer me this update... Also - is DNSFilter back?
Thank you!

 

[Kendo]

Tried this for like an hour then installed Merlin fw.
Think I saw the release on some Asus site (us?) yesterday evening.

 

[MrAsusIsBack]

Is this legit? I'm asking because there is still no sign on the Asus Websites and my router doesn't offer me this update... Also - is DNSFilter back?
Thank you!

Hopefully you don't confuse RT-AX68U with RT-AX86U? Your footnote shows me an 86U

 

[sturmstar]

Hopefully you don't confuse RT-AX68U with RT-AX86U? Your footnote shows me an 86U

You're absolutely right - thank you - must been my tomato-eyes. Never mind. Thanks!