Menu
What's new
By:
Filters Better Search

ASUS urges customers to patch critical router vulnerabilities

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Is anyone running this latest firmware (stock Asus) on AX58U ? I am a few revisions behind (firmware dated January 2023 I believe) because the revision after that broke my 2.4 band. All my smart devices, cameras etc.. which only use 2.4 kept disconnecting and the router needed rebooting 1-2 times per day. I was fine running the older firmware to keep things stable but now with this vulnerability it seems I am running a risk by doing that. Curious if anyone else experienced this and if they still are with this latest firmware? Thank you!
 
Ok, I was originally looking for answers about the patched CVE's but after reading all 3 pages of this thread, I'm even more confused that before I started reading it.

I have checked the details log for my router and some of them are included in the official ASUSWRT firmware like CVE-2023-28702 and CVE-2023-28702 but when I checked the Merlin's Changelog, I couldn't find them.

l also noticed that the latest official ASUSWRT firmware is a few months old but Merlin's one was released a month after but still doesn't have the above listed CVE's that are included in its official firmware from ASUS. I noticed that some features may vary between ASUS's official firmware and the Merlin's one but the said vulnerable components for example like Netatalk are still used by both but there are no fixes for it on the Merlin's firmware going by the changelog ?

Am I missing something here ?
 
I don't document security fixes unless I'm the one fixing them, as I have no way of keeping track of which issues are fixed in a specific GPL drop from Asus. You will have to look at the GPL version used in a specific firmware release, then look at Asus' own changelogs.
 
RMerlin said:
I don't document security fixes unless I'm the one fixing them, as I have no way of keeping track of which issues are fixed in a specific GPL drop from Asus. You will have to look at the GPL version used in a specific firmware release, then look at Asus' own changelogs.
Click to expand...
As I'm new to how you operate changelogs here, any guidance on it would be great.
 
You must log in or register to reply here.

Similar threads

BlueOrbit
  • Locked
ASUS urges customers to patch critical router vulnerabilities
Replies
3
Views
1K
RMerlin
RMerlin
K
  • Locked
PC Mag and others on 6/20/23: 19 Asus Routers Need Their Firmware Updated Immediately
Replies
1
Views
2K
RMerlin
RMerlin
azagramac
  • Locked
Important news from Asus, ask to update the following routers.
Replies
1
Views
1K
RMerlin
RMerlin
T-Bo4
Looking to buy AX router.
Replies
10
Views
353
sfx2000
sfx2000
d5aqoep
ASUS GT-AX11000 PRO Firmware version 3.0.0.4.388_24721 (5th March 2024)
Replies
0
Views
564
d5aqoep
d5aqoep
Similar threads
Thread starter Title Forum Replies Date
D Asus vs. Orbi ASUS Wireless 0
N 12V ASUS router with the longest 2.4GHz WiFi range ASUS Wireless 39
tiddlywink ASUS ExpertWiFi EBG15 ASUS Wireless 19
XIII EOL ASUS routers affected by TheMoon malware ASUS Wireless 17
K Asus moving some devices to EOL while issues still remain ASUS Wireless 64
A Router.asus.com being forced to https in Firefox again ASUS Wireless 3
thegios ASUS XT(8 2 node mesh: troubleshoot IP camera dosconnection issues ASUS Wireless 8
T ASUS Router hard reset ASUS Wireless 3
M T-Mobile ASUS TM-AC1900 (RT-AC68U variant) gets WAN IP and can ping Internet but connected WiFi clients indicate no Internet? ASUS Wireless 7
M VPN setup with ASUS, QNAP and SOPHOS ASUS Wireless 1

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,039 (members: 30, guests: 1,009)
Top