What's new

Release ASUS RT-AX88U Firmware version 3.0.0.4.388.20558 (2022/09/21)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

LimJK

Very Senior Member
Version 3.0.0.4.388.20558
2022/09/21 64.28 MBytes

ASUS RT-AX88U Firmware version 3.0.0.4.388.20558

Bug fixes
  • Fixed port status UI bugs
  • Modified WireGuard VPN server default setting to fix iOS WireGuard app connection issues. If you have iOS connection issues on the previous version(3.0.0.4.388.20518), please upgrade to this version and reset the router.
  • Fixed VPN fusion connection issues with Surfshark WireGuard profile.
  • Improved the AiMesh stability.
Security
  • Fixed HTTP response splitting vulnerability. Thanks to Efstratios Chatzoglou, University of the Aegean.
  • Fixed status page HTML vulnerability. Thanks to David Ward.
  • Fixed CVE-2018-1160. Thanks to Steven Sroba.
  • Fixed cfg_server security issue.
  • Fixed CVE-2011-0719, CVE-2012-2812, CVE-2012-2836, CVE-2012-2837, CVE-2012-2841, CVE-2012-3868, CVE-2013-0172, CVE-2013-4124, CVE-2014-3493, CVE-2015-0240, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118, CVE-2016-4425, CVE-2016-6328, CVE-2016-10196, CVE-2018-5743, CVE-2018-13305, CVE-2018-15822, CVE-2018-20030, CVE-2018-1999012, CVE-2019-9278, CVE-2019-17498, CVE-2020-0093, CVE-2020-0182, CVE-2020-12767, CVE-2020-13112, CVE-2020-13113,CVE-2020-13114, CVE-2020-13904,CVE-2020-14323, CVE-2020-20450, CVE-2020-20451, CVE-2020-20891, CVE-2020-20892, CVE-2020-20896, CVE-2020-20898, CVE-2020-21041, CVE-2020-21688, CVE-2020-21697, CVE-2020-22016, CVE-2020-22017, CVE-2020-22020, CVE-2020-22022, CVE-2020-22023, CVE-2020-22025, CVE-2020-22026, CVE-2020-22027, CVE-2020-22028, CVE-2020-22030, CVE-2020-22031, CVE-2020-22032, CVE-2020-22036, CVE-2020-22038, CVE-2020-22039, CVE-2020-22040, CVE-2020-22041, CVE-2020-22042, CVE-2020-22043, CVE-2020-22044, CVE-2020-22046, CVE-2020-22048, CVE-2020-22049, CVE-2020-22051, CVE-2020-22054, CVE-2020-23906, CVE-2022-35401,CVE-2021-38090,CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094, CVE-2021-38114, CVE-2021-38171.

https://dlcdnets.asus.com/pub/ASUS/wireless/RT-AX88U/FW_RT_AX88U_300438820558.zip

Please unzip the firmware file first then check the MD5 code.
MD5: de21b9c46cb0b1873ba33d965f47cedf
 
  • Fixed CVE-2011-0719, CVE-2012-2812, CVE-2012-2836, CVE-2012-2837, CVE-2012-2841, CVE-2012-3868, CVE-2013-0172, CVE-2013-4124, CVE-2014-3493, CVE-2015-0240, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2115, CVE-2016-2118, CVE-2016-4425, CVE-2016-6328, CVE-2016-10196, CVE-2018-5743, CVE-2018-13305, CVE-2018-15822, CVE-2018-20030, CVE-2018-1999012, CVE-2019-9278, CVE-2019-17498, CVE-2020-0093, CVE-2020-0182, CVE-2020-12767, CVE-2020-13112, CVE-2020-13113,CVE-2020-13114, CVE-2020-13904,CVE-2020-14323, CVE-2020-20450, CVE-2020-20451, CVE-2020-20891, CVE-2020-20892, CVE-2020-20896, CVE-2020-20898, CVE-2020-21041, CVE-2020-21688, CVE-2020-21697, CVE-2020-22016, CVE-2020-22017, CVE-2020-22020, CVE-2020-22022, CVE-2020-22023, CVE-2020-22025, CVE-2020-22026, CVE-2020-22027, CVE-2020-22028, CVE-2020-22030, CVE-2020-22031, CVE-2020-22032, CVE-2020-22036, CVE-2020-22038, CVE-2020-22039, CVE-2020-22040, CVE-2020-22041, CVE-2020-22042, CVE-2020-22043, CVE-2020-22044, CVE-2020-22046, CVE-2020-22048, CVE-2020-22049, CVE-2020-22051, CVE-2020-22054, CVE-2020-23906, CVE-2022-35401,CVE-2021-38090,CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094, CVE-2021-38114, CVE-2021-38171.

Holy Moly! And back to 2011! Did they really fix anything or just start using a new component that is not vulnerable, I wonder.

OE
 
Holy Moly! And back to 2011! Did they really fix anything or just start using a new component that is not vulnerable, I wonder.
If you look them up, the vast majority of these are from ffmpeg.
 
Installed without breaking my internet connection.
 
@RMerlin Is this coming to an asus-merlin release in the near future? are any of these cve's part of 386.8?
 
@RMerlin Is this coming to an asus-merlin release in the near future? are any of these cve's part of 386.8?
I don't have any immediate plans for a new release. I don't know which of these are affecting me (I don't feel like reviewing 30 different CVEs), but the fact they are mostly tied to ffmpeg indicate that most of these are probably non-issues. ffmpeg is only used with the Media Server, and it only uses it for thumbnail generation, so I suspect most of these cannot be exploited in a router. i.e. there's no ffmpeg executable, only the library that gets used by minidlna.
 
I don't have any immediate plans for a new release. I don't know which of these are affecting me (I don't feel like reviewing 30 different CVEs), but the fact they are mostly tied to ffmpeg indicate that most of these are probably non-issues. ffmpeg is only used with the Media Server, and it only uses it for thumbnail generation, so I suspect most of these cannot be exploited in a router. i.e. there's no ffmpeg executable, only the library that gets used by minidlna.
I know how worried you must have been when you saw that ffmpeg was a potential concern....
 
Is it possible to reset without losing configuration? I.e. ssid, passwords, etc

Would issues with an AX88u set up as a ai mesh node pass to the entire network? (AX86u via wired backhaul)

We might be experiencing some of those iOS connection issues and I would hate to have to reset all my devices again.
 
Is it possible to reset without losing configuration? I.e. ssid, passwords, etc

No.

Would issues with an AX88u set up as a ai mesh node pass to the entire network? (AX86u via wired backhaul)

I suppose that depends on the issue. Resetting a node is easy... remove it from the AiMesh, wait a bit, and then search/add it back.

OE
 
are the previous ios issues only in combination with wireguard.

e.g i currently have 49674 runnnig(no ios issues) and like to upgrade to this version
i am not using wireguard, only openvpn
 
I set up wireguard vpn server running F/V 3.0.0.4.388_20558. Clients are iphone 11 and 13, old mba and intel laptop. Used QR code for the iphones and export file for mba and laptop client setup. No issues so far.
 
Last edited:
Is anyone running Dual WAN with manual routing experiencing any issues with Primary/Secondary WAN routing?
 
@scott420 Dual WAN has never ever worked correctly on Asus Routers.
Thank you for the useful comment. It works decently well on my older firmware. FFS I should just delete my account you people are useless

IT WORKS PERFECTLY FINE ON MY OLDER BUILD. DO YOU KNOW WHAT AN OLDER BUILD IS?
DO YOU UNDERSTAND MY DUAL WAN WORKS REASONABLY WELL ON AN OLDER BUILD? DO YOU KNOW WHAT AN OLDER BUILD IS? DO YOU KNOW WHAT REASONABLY WELL MEANS?

THIS SITE IS USELESS FOR ANY ACTUAL HELPFUL INFORMATION
PLEASE NUKE MY ACCOUNT MODERATORS I WON'T BE BACK
A BUNCH OF ELITE SNOBS WHO KNOW NOTHING ABOUT LINUX SUCKING EACH OTHER OFF

I CANNOT FIND A WAY TO DELETE IT MYSELF OR ELSE I WOULD

I'M DONE HERE
 
Last edited by a moderator:
It works decently well on my older firmware.

Perhaps you've never seen how dual WAN has to perform. ER605 router for $60 can demonstrate it to you.

What do you think this script is fixing on Asus routers?

 
Thank you for the useful comment. It works decently well on my older firmware. FFS I should just delete my account you people are useless

IT WORKS PERFECTLY FINE ON MY OLDER BUILD. DO YOU KNOW WHAT AN OLDER BUILD IS?
DO YOU UNDERSTAND MY DUAL WAN WORKS REASONABLY WELL ON AN OLDER BUILD? DO YOU KNOW WHAT AN OLDER BUILD IS? DO YOU KNOW WHAT REASONABLY WELL MEANS?

THIS SITE IS USELESS FOR ANY ACTUAL HELPFUL INFORMATION
PLEASE NUKE MY ACCOUNT MODERATORS I WON'T BE BACK
A BUNCH OF ELITE SNOBS WHO KNOW NOTHING ABOUT LINUX SUCKING EACH OTHER OFF

I CANNOT FIND A WAY TO DELETE IT MYSELF OR ELSE I WOULD

I'M DONE HERE
Good God !! o_O

I don't want something which works REASONABLY WELL. I want it to work PERFECTLY WELL.
 
Is anyone running Dual WAN with manual routing experiencing any issues with Primary/Secondary WAN routing?

Yes, it’s broken in this firmware. I did roll back for a while but I’ve given up now. I bought a TP Link ER605 and it’s rock solid. Slightly easier to set up to with IP groups.

AX88U is now just an Ai Mesh AP now. My home network has never been so reliable.
 
Yesterday I enabled dual WAN just to see if it has improved any over previous routers and I noticed that the white LED status lights on the router all turned off. Is this normal behavior? I cannot seem to locate anything in the manual about this behavior.

Edit: Although I'd hit the LED on/off button several times before today I pushed it again and the lights turned back on so go figure.
 
Last edited:

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top