Menu
What's new
By:
Filters Better Search

RT-AX88U maxing out a core and regularly showing 60+ MB/s upload

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

jd24 said:
My spikes today weren't a glitch. I check my isp app and it displays the amount of GB's used and see big jumps!!
Changed my password again, even stronger, rebooted and switched off ddns again.
Will rely on twingate for access (hoping this is still secure)
Click to expand...
Unfortunately I have Spectrum Internet and it's unlimited, so they provide no data to the customer. I imagine if this is actually happening and continues, I will hear from them.
 
I have a new router omada ER7206 coming today. Until this is fixed on my asus I can't be dealing with this issue wile trying to work from home remoting from one continent to another through azure vpn/ rdp.
Been thinkng of going omada for a while, will install the controller as a container on my unraid. (of course unless I have an infected device on my lan and the same happens! Fingers crossed the tplink will at least allow me to continue without this current issues until we know for sure what it is)
 
Aren’t these AiCloud services disabled by default in Merlin? Are people intentionally enabling them or is this a chained exploit using some other method to get into the router and enable the AiCloud services?

We still have no idea if it’s really AiCloud’s fault, but it’s been present on all the devices confirmed to have the sshd “infection”. Guilty until proven innocent?
 
Once I get my omada set up tonight, I'll swap them over and totally wipe the RT-AX86U. Then probably use it as non-dhcp, wifi only AP with the other RT-AC86U I have as a mesh node.
 
jd24 said:
Once I get my omada set up tonight
Click to expand...

By the way, if you are going to use Omada SDN and not stand alone GUI - Omada doesn't require local hardware/software controller anymore. There is a new Omada Cloud-Based Controller option with free account. Somewhat limited in features, but can save $100 in hardware.

www.tp-link.com

Omada Cloud-Based Controller

With the Omada Cloud-Based Controller entirely in the cloud, Omada Cloud SDN offers zero-touch provisioning for efficient and affordable deployment and provides centralized management of the network, including access points, switches, and routers.
www.tp-link.com www.tp-link.com
 
Tech9 said:
By the way, if you are going to use Omada SDN and not stand alone GUI - Omada doesn't require local hardware/software controller anymore. There is a new Omada Cloud-Based Controller option with free account. Somewhat limited in features, but can save $100 in hardware.

www.tp-link.com

Omada Cloud-Based Controller

With the Omada Cloud-Based Controller entirely in the cloud, Omada Cloud SDN offers zero-touch provisioning for efficient and affordable deployment and provides centralized management of the network, including access points, switches, and routers.
www.tp-link.com www.tp-link.com
Click to expand...
Unraid have the omada controller as an app - will give that a go first, good reviews.
But thanks for the alternative option. Prefer to have it local
 
Rewonka said:
I found this:
securityaffairs.com

ASUS fixed critical remote authentication bypass bug in several routers

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models.
securityaffairs.com securityaffairs.com
Click to expand...
Date: June 16, 2024
But it's Oct and we've only seen these issues now?

Now all of us on merlin, roll back to stock with this patch update? Or are merlin going to release a new version?
Anyways my omada ER7206 is arriving tonight. We'll give that a run for its money to see if I like the ecosystem.
 
Perhaps we can look forward to a patched 3004 merlin drop soon. But, as things are shaping up, we'd only be vulnerable if we leave the door open by exposing services on the router anyway.
 
dave14305 said:
Aren’t these AiCloud services disabled by default in Merlin? Are people intentionally enabling them or is this a chained exploit using some other method to get into the router and enable the AiCloud services?

We still have no idea if it’s really AiCloud’s fault, but it’s been present on all the devices confirmed to have the sshd “infection”. Guilty until proven innocent?
Click to expand...
I'm running stock ASUS firmware, not Merlin. Yes, it's enabled by default.

EDIT: I don't know how it was enabled since I don't remember doing it myself. I've only ever seen it enabled on this router and the last 2 ASUS routers I've had during the previous 12+ years. Everyone else seems to not have it enabled by default so I was probably wrong about the default setting.
 
Last edited:
dave14305 said:
Aren’t these AiCloud services disabled by default in Merlin? Are people intentionally enabling them or is this a chained exploit using some other method to get into the router and enable the AiCloud services?
Click to expand...
Interesting theory. I honestly cannot remember turning them on myself. I have them disabled and so far so good. But it has been only 2 days so far.
 
Paliv said:
Thread 'ASUS RT-BE86U Firmware version 3.0.0.6.102_37022'
https://www.snbforums.com/threads/asus-rt-be86u-firmware-version-3-0-0-6-102_37022.92289/

“2.Enhanced AiCloud password protection mechanisms, safeguarding against unauthorized access attempts.”

Seems that AiCloud could be the problem child.
Click to expand...
The RT-AX5400 firmware version 3.0.0.4.388_25119 had a very similar changelog for security too.
www.snbforums.com

Release - ASUS RT-AX5400 Firmware version 3.0.0.4.388_25119 (2024/10/16)

Version 3.0.0.4.388_25119 48.25 MB 2024/10/16 1. Strengthened system code execution processes. 2. Enhanced AiCloud password protection mechanisms, safeguarding against unauthorized access attempts. 3. Refined input validation in the web interface, ensuring a more secure web interaction...
www.snbforums.com www.snbforums.com


RT-AX57 Go recent firmware made a mention about fixing AiCloud vulnerabilities too.
Version 3.0.0.6.102_55783 (2024/10/15)
Security:
Update SAE-H2E for security.
Update privacy policy.
Fixed OpenVPN vulnerabilities.
Fixed Security command injection.
Fixed AiCloud vulnerabilities.

Feature:
Add Home/Travel mode for multi-function button, you can swap different modes with customized settings with the physical button.
Fixed AiCloud related issues.
Click to expand...

RT-AX57 Go|WiFi Routers|ASUS Global

Discover RT-AX57 Go: a portable AX3000 WiFi 6 router with cutting-edge MU-MIMO & OFDMA tech, VPN support, AiProtection, & AiMesh for ultimate connectivity.
www.asus.com www.asus.com
 
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
Z Asus AX88u slow on 2.4ghz wifi on certain devices Asuswrt-Merlin 9
N Nightmare for AI mesh pairing with RT-AX88U Asuswrt-Merlin 12
D L2TP client on ax88U pro running latest merlin firmware how to add device Asuswrt-Merlin 0
StephanK RT-AX88U Pro Wireguard Asuswrt-Merlin 5
H RT-AX88U Merlin Parental Control not working Asuswrt-Merlin 3
N WiFi issues with latest version 388.8_2 on ASUS RT-AX88U Asuswrt-Merlin 7
A RT-AX88U - 3004.388.8_2 - SSH connection closed after few minutes from reboot Asuswrt-Merlin 10
S Merlin firmware and 2.4GHz band drops on AX88u and BE88u Asuswrt-Merlin 4
U Huawei E8372 LTE stick not working on AX88U Asuswrt-Merlin 1
A RT-AX88U clean installation guide Asuswrt-Merlin 4

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,094 (members: 27, guests: 1,067)
Top