Release Asus ZenWiFi CT8 - New Firmware: 3.0.0.4.386.45934

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

SandboxHaze

New Around Here
ASUS ZenWiFi CT8 Firmware version 3.0.0.4.386.45934
1. AiMesh 2.0
- System optimization: one click in AiMesh to optimize the topology
- System Ethernet backhaul mode, all nodes will only connect by ethernet, all bands will be released for wireless clients.
- System factory default and reboot.
- Client device reconnect, make the device to offline and online again.
- Client device binding to specific AP.
- Guest WiFi on all Mesh nodes (all node need to upgrade to 3.0.0.4.386 firmware)
- Access nodes USB application.

Connection priority and Ethernet backhaul mode introduction

How to setup ASUS AiMesh or ZenWiFi Mesh Ethernet backhaul under different conditions

2. New Family interface in ASUS router App.
ASUS Router App for iOS must greater or equal to iOS v1.0.0.5.75
Android version greater or equal to v1.0.0.5.74

3. The unit of the WiFi time scheduler goes to 1 minute.

4. Support IPSec IKE v1 and IKE v2, and you can use the Windows 10 native VPN client program to connect to the router's IPSec VPN server. The Windows 10 new FAQ is in https://www.asus.com/support/FAQ/1033576

5. 2.4 and 5G on the network map could be configured in the same tab.

6. Captcha for login can be disabled in administration -> system.

7. Printer server port can be disabled on the USB app page.

8. Clients which connect to the guest network can be viewed in the network map -->view list --> interface

9. Fix Let's Encrypt not working properly.

10. Add IPTV supports for specific region.

Security fixes:

1. Fixed CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686

2. Fixed DoS vulnerability. Thanks for Tsinghua University NISL's contribution.

3. Fixed DoS vulnerability from spoofed sae authentication frame. Thanks for Efstratios Chatzoglou, University of the Aegean, Georgios Kambourakis, European Commission at the European Joint Research Centre, and Constantinos Kolias, University of Idaho.

4. Fixed Stored XSS vulnerability.

5. .Fixed CVE-2021-41435, CVE-2021-41436.
Thanks to Efstratios Chatzoglou, University of the Aegean

6. BusyBox
- CVE-2016-2148
- CVE-2016-6301
- CVE-2018- 1000517

7. cURL
- CVE-2020-8169
- CVE-2019-5481
- CVE-2019-5482
- CVE-2018-1000120
- CVE-2018- 1000300
- CVE-2018-16839

8. Lighttpd
- CVE-2018-19052

9. Linux
- CVE-2020-14305
- CVE-2020-25643
- CVE-2019-19052

10. lldpd
- CVE-2020-27827

11. Avahi
- CVE-2017-6519

12. hostapd
- CVE-2021-30004
- CVE-2019-16275

13. OpenVPN
- CVE-2020-11810
- CVE-2020-15078

14. wpa
- CVE-2021-30004
- CVE-2021-27803
- CVE-2019-11555
- CVE-2019-9499
- CVE-2019-9498
- CVE-2019-9497
- CVE-2019-9496
- CVE-2019-9495
- CVE-2019-9494
- CVE-2017-13086
- CVE-2017-13084
- CVE-2017-13082
- CVE-2016-4476
- CVE-2015-8041

15. Fixed httpd vulnerability
Thanks to Wei Fan contribution.

16. Fixed stack overflow vulnerability

17. Fixed DoS vulnerability
Thanks to 360 Future Security Lab's contribution.

Please unzip the firmware file first then check the MD5 code.
MD5:1ea263bfdf97fd5e608ddebb27b1804d

Download: https://dlcdnets.asus.com/pub/ASUS/wireless/ZenWiFi_CT8/FW_ZENWIFI_CT8_300438645934.zip
 
  • Like
Reactions: tgp

mr.win

New Around Here
This firmware update 3.0.0.4.386_45934-gb23bdac on my ZenWiFi AC (CT8) is one 1 big bucket of misery...
After Auto Firmware Upgrade , everything went very smoothly. The new features were desired and I was really happy to see that I could finally prioritize topology of nodes (which nodes connect to where) and also direct the devices to which nodes to connect to. But what happened was that nodes randomly started disconnecting and rebooting, devices that randomly connect to other nodes with yellow exclamation marks on nodes it shouldn't connect to. Nodes that are tied together in a completely illogical order, causing the whole house (3x CT8 (1x router, 2 x nodes)) to have a bad connection. Sometimes it switches back to desired topology but then a few minutes later the nodes go offline again, blink blue and then randomly come back online and finally repeat this constantly. After throwing away 2 days of my life, I'm done with it. Now go back to previous firmware that was also not perfect but at least was stable for some time. ASUS what are you doing?

I often see in the log file: : kernel: "mac-adres" not mesh client, can't delete it

In the attecment you can see all the all possible topology scenarios that the system does randomly after connection is lost and the light on the device starts flashing blue and then contact with new topolgy
 

Attachments

  • zenwifiAC.jpg
    zenwifiAC.jpg
    83.9 KB · Views: 38

OzarkEdge

Part of the Furniture
This firmware update 3.0.0.4.386_45934-gb23bdac on my ZenWiFi AC (CT8) is one 1 big bucket of misery...
After Auto Firmware Upgrade , everything went very smoothly. The new features were desired and I was really happy to see that I could finally prioritize topology of nodes (which nodes connect to where) and also direct the devices to which nodes to connect to. But what happened was that nodes randomly started disconnecting and rebooting, devices that randomly connect to other nodes with yellow exclamation marks on nodes it shouldn't connect to. Nodes that are tied together in a completely illogical order, causing the whole house (3x CT8 (1x router, 2 x nodes)) to have a bad connection. Sometimes it switches back to desired topology but then a few minutes later the nodes go offline again, blink blue and then randomly come back online and finally repeat this constantly. After throwing away 2 days of my life, I'm done with it. Now go back to previous firmware that was also not perfect but at least was stable for some time. ASUS what are you doing?

I often see in the log file: : kernel: "mac-adres" not mesh client, can't delete it

In the attecment you can see all the all possible topology scenarios that the system does randomly after connection is lost and the light on the device starts flashing blue and then contact with new topolgy

Have you tried a fixed (not Auto), non-DFS channel at 80 MHz... maybe it will settle down.

OE
 

mr.win

New Around Here
at the moment i am near despair, want to try everything as long as i have stable home network for my family.
 

mr.win

New Around Here
Oke after setting to control channel 112 @ 80Mhz, the node at the second floor dont want to come online.
I put that node now at the ground floor and i wont come up :( OMG.....
 

OzarkEdge

Part of the Furniture

OzarkEdge

Part of the Furniture
I'm living in the netherlands (europe)...

If you want to work on this here, you should probably start your own thread in the AX forum.

OE
 

OzarkEdge

Part of the Furniture
For tje record we ate talking here about the ASUS ZenWiFi AC (CT8)

OK then, the AC forum. The point is to not hijack this thread.

OE
 

Mineria

New Around Here
Ran into the same issues, rolling back to previous firmware on all devices solved it.

EDIT:
I'm not using any of the additional features like USB Application, AiProtection, Adaptive QoS, AiCloud, IPv6, VPN or other things that can be used from WAN to LAN, so I disabled all of it.
For some reason ASUS decided to have some security sensitive features enabled by default with this firmware update, like WAN access to the router itself.

1. Mesh nodes some times drop to 2.4GHz instead of sticking to the backhaul bands 5GHz.
2. Lot of fluxation in down/upload speeds and disconnects
3. WEBUI acts very slugish on some pages
4. Router log shows that it checks for updates more frequent

Core and memory utilization look fine, also nice to see additional features added like DNS TLS, just a shame that the firmware isn't stable with a WiFi backhaul.
 
Last edited:

OzarkEdge

Part of the Furniture
Oh oke, also when I think it's specifically this firmware release related issues?

Then revert to a previous working firmware version and wait for the next release.

OE
 

Mineria

New Around Here
Oh oke, also when I think it's specifically this firmware release related issues?
If you got the new firmware via the routers update feature try to upload the firmware manually to each device starting with the nodes instead.
Seems that the routers update feature caused havoc on my end, so just started from scratch and uploaded manually instead, seems stable so far.
Neither does it enable a lot of what I mentioned earlier, really weird that the manual upload makes so much of a difference.

EDIT: Everything works fine now, no idea what happened when I did let my Zen CT8 system (1 router + 2 nodes) update itself.
 
Last edited:

mr.win

New Around Here
If you got the new firmware via the routers update feature try to upload the firmware manually to each device starting with the nodes instead.
Seems that the routers update feature caused havoc on my end, so just started from scratch and uploaded manually instead, seems stable so far.
Neither does it enable a lot of what I mentioned earlier, really weird that the manual upload makes so much of a difference.

EDIT: Everything works fine now, no idea what happened when I did let my Zen CT8 system (1 router + 2 nodes) update itself.
did you first factory reset and then uploaded manually the new firmware?
 

RogerSC

Part of the Furniture
did you first factory reset and then uploaded manually the new firmware?

No, flash first, then factory reset and manually reconfigure; i.e. flash the all nodes first, then the router last. Then reset the nodes, then the router. And you should be able to use the Asus Router app on your phone to set up the mesh again. Then I tend to go to the web admin interface to do the fine tuning once the mesh is running again, seems easier to find settings in the web interface.
 

Mineria

New Around Here
did you first factory reset and then uploaded manually the new firmware?
No, a factory reset would wipe all settings, not up for manually restoring everything.

There are probably CLI options which can be used to export a editable configuration, didn't look into that part since it completely differs from what I'm used to (HP/Cisco CLI).
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top