Release ASUS RT-AX88U Firmware version 3.0.0.4.388.20558 (2022/09/21)

LimJK

Very Senior Member
Version 3.0.0.4.388.20558
2022/09/21 64.28 MBytes

ASUS RT-AX88U Firmware version 3.0.0.4.388.20558

Bug fixes
  • Fixed port status UI bugs
  • Modified WireGuard VPN server default setting to fix iOS WireGuard app connection issues. If you have iOS connection issues on the previous version(3.0.0.4.388.20518), please upgrade to this version and reset the router.
  • Fixed VPN fusion connection issues with Surfshark WireGuard profile.
  • Improved the AiMesh stability.
Security
  • Fixed HTTP response splitting vulnerability. Thanks to Efstratios Chatzoglou, University of the Aegean.
  • Fixed status page HTML vulnerability. Thanks to David Ward.
  • Fixed CVE-2018-1160. Thanks to Steven Sroba.
  • Fixed cfg_server security issue.
  • Fixed CVE-2011-0719, CVE-2012-2812, CVE-2012-2836, CVE-2012-2837, CVE-2012-2841, CVE-2012-3868, CVE-2013-0172, CVE-2013-4124, CVE-2014-3493, CVE-2015-0240, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118, CVE-2016-4425, CVE-2016-6328, CVE-2016-10196, CVE-2018-5743, CVE-2018-13305, CVE-2018-15822, CVE-2018-20030, CVE-2018-1999012, CVE-2019-9278, CVE-2019-17498, CVE-2020-0093, CVE-2020-0182, CVE-2020-12767, CVE-2020-13112, CVE-2020-13113,CVE-2020-13114, CVE-2020-13904,CVE-2020-14323, CVE-2020-20450, CVE-2020-20451, CVE-2020-20891, CVE-2020-20892, CVE-2020-20896, CVE-2020-20898, CVE-2020-21041, CVE-2020-21688, CVE-2020-21697, CVE-2020-22016, CVE-2020-22017, CVE-2020-22020, CVE-2020-22022, CVE-2020-22023, CVE-2020-22025, CVE-2020-22026, CVE-2020-22027, CVE-2020-22028, CVE-2020-22030, CVE-2020-22031, CVE-2020-22032, CVE-2020-22036, CVE-2020-22038, CVE-2020-22039, CVE-2020-22040, CVE-2020-22041, CVE-2020-22042, CVE-2020-22043, CVE-2020-22044, CVE-2020-22046, CVE-2020-22048, CVE-2020-22049, CVE-2020-22051, CVE-2020-22054, CVE-2020-23906, CVE-2022-35401,CVE-2021-38090,CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094, CVE-2021-38114, CVE-2021-38171.

https://dlcdnets.asus.com/pub/ASUS/wireless/RT-AX88U/FW_RT_AX88U_300438820558.zip

Please unzip the firmware file first then check the MD5 code.
MD5: de21b9c46cb0b1873ba33d965f47cedf
 

OzarkEdge

Part of the Furniture
  • Fixed CVE-2011-0719, CVE-2012-2812, CVE-2012-2836, CVE-2012-2837, CVE-2012-2841, CVE-2012-3868, CVE-2013-0172, CVE-2013-4124, CVE-2014-3493, CVE-2015-0240, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118, CVE-2016-4425, CVE-2016-6328, CVE-2016-10196, CVE-2018-5743, CVE-2018-13305, CVE-2018-15822, CVE-2018-20030, CVE-2018-1999012, CVE-2019-9278, CVE-2019-17498, CVE-2020-0093, CVE-2020-0182, CVE-2020-12767, CVE-2020-13112, CVE-2020-13113,CVE-2020-13114, CVE-2020-13904,CVE-2020-14323, CVE-2020-20450, CVE-2020-20451, CVE-2020-20891, CVE-2020-20892, CVE-2020-20896, CVE-2020-20898, CVE-2020-21041, CVE-2020-21688, CVE-2020-21697, CVE-2020-22016, CVE-2020-22017, CVE-2020-22020, CVE-2020-22022, CVE-2020-22023, CVE-2020-22025, CVE-2020-22026, CVE-2020-22027, CVE-2020-22028, CVE-2020-22030, CVE-2020-22031, CVE-2020-22032, CVE-2020-22036, CVE-2020-22038, CVE-2020-22039, CVE-2020-22040, CVE-2020-22041, CVE-2020-22042, CVE-2020-22043, CVE-2020-22044, CVE-2020-22046, CVE-2020-22048, CVE-2020-22049, CVE-2020-22051, CVE-2020-22054, CVE-2020-23906, CVE-2022-35401,CVE-2021-38090,CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094, CVE-2021-38114, CVE-2021-38171.

Holy Moly! And back to 2011! Did they really fix anything or just start using a new component that is not vulnerable, I wonder.

OE
 

RMerlin

Asuswrt-Merlin dev
Holy Moly! And back to 2011! Did they really fix anything or just start using a new component that is not vulnerable, I wonder.
If you look them up, the vast majority of these are from ffmpeg.
 

Mister2088

Occasional Visitor
@RMerlin Is this coming to an asus-merlin release in the near future? are any of these cve's part of 386.8?
 

RMerlin

Asuswrt-Merlin dev
@RMerlin Is this coming to an asus-merlin release in the near future? are any of these cve's part of 386.8?
I don't have any immediate plans for a new release. I don't know which of these are affecting me (I don't feel like reviewing 30 different CVEs), but the fact they are mostly tied to ffmpeg indicate that most of these are probably non-issues. ffmpeg is only used with the Media Server, and it only uses it for thumbnail generation, so I suspect most of these cannot be exploited in a router. i.e. there's no ffmpeg executable, only the library that gets used by minidlna.
 

SomeWhereOverTheRainBow

Part of the Furniture
I don't have any immediate plans for a new release. I don't know which of these are affecting me (I don't feel like reviewing 30 different CVEs), but the fact they are mostly tied to ffmpeg indicate that most of these are probably non-issues. ffmpeg is only used with the Media Server, and it only uses it for thumbnail generation, so I suspect most of these cannot be exploited in a router. i.e. there's no ffmpeg executable, only the library that gets used by minidlna.
I know how worried you must have been when you saw that ffmpeg was a potential concern....
 

whydidwebuyahouse

New Around Here
Is it possible to reset without losing configuration? I.e. ssid, passwords, etc

Would issues with an AX88u set up as a ai mesh node pass to the entire network? (AX86u via wired backhaul)

We might be experiencing some of those iOS connection issues and I would hate to have to reset all my devices again.
 

OzarkEdge

Part of the Furniture
Is it possible to reset without losing configuration? I.e. ssid, passwords, etc

No.

Would issues with an AX88u set up as a ai mesh node pass to the entire network? (AX86u via wired backhaul)

I suppose that depends on the issue. Resetting a node is easy... remove it from the AiMesh, wait a bit, and then search/add it back.

OE
 

Gravityz

Senior Member
are the previous ios issues only in combination with wireguard.

e.g i currently have 49674 runnnig(no ios issues) and like to upgrade to this version
i am not using wireguard, only openvpn
 

bar1

New Around Here
I set up wireguard vpn server running F/V 3.0.0.4.388_20558. Clients are iphone 11 and 13, old mba and intel laptop. Used QR code for the iphones and export file for mba and laptop client setup. No issues so far.
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top