What's new

Firmware Update for AX86U (8-31-2021)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Ameenhuus

Occasional Visitor
ASUS RT-AX86 Series(RT-AX86U/RT-AX86S) Firmware version 3.0.0.4.386.45375
This version includes several vulnerability patches.
BusyBox
- CVE-2016-2148
- CVE-2016-6301
- CVE-2018- 1000517

cURL
- CVE-2020-8169
- CVE-2019-5481
- CVE-2019-5482
- CVE-2018-1000120
- CVE-2018- 1000300
- CVE-2018-16839

Lighttpd
- CVE-2018-19052

Linux
- CVE-2020-14305
- CVE-2020-25643
- CVE-2019-19052

lldpd
- CVE-2020-27827

Avahi
- CVE-2017-6519

hostapd
- CVE-2021-30004
- CVE-2019-16275

OpenVPN
- CVE-2020-11810
- CVE-2020-15078

wpa
- CVE-2021-30004
- CVE-2021-27803
- CVE-2019-11555
- CVE-2019-9499
- CVE-2019-9498
- CVE-2019-9497
- CVE-2019-9496
- CVE-2019-9495
- CVE-2019-9494
- CVE-2017-13086
- CVE-2017-13084
- CVE-2017-13082
- CVE-2016-4476
- CVE-2015-8041

Fixed DoS vulnerability from spoofed sae authentication frame. Thanks to Efstratios Chatzoglou, University of the Aegean, Georgios Kambourakis, European Commission at the European Joint Research Centre, and Constantinos Kolias, University of Idaho.

Fixed envrams exposed issue. Thanks to Quentin Kaiser from IoT Inspector Research Lab contribution.

Please unzip the firmware file first then check the MD5 code.
MD5: 97009cd613c92155e69fe476a7fc22d6
 
ASUS RT-AX86 Series(RT-AX86U/RT-AX86S) Firmware version 3.0.0.4.386.45375
This version includes several vulnerability patches.
BusyBox
- CVE-2016-2148
- CVE-2016-6301
- CVE-2018- 1000517

cURL
- CVE-2020-8169
- CVE-2019-5481
- CVE-2019-5482
- CVE-2018-1000120
- CVE-2018- 1000300
- CVE-2018-16839

Lighttpd
- CVE-2018-19052

Linux
- CVE-2020-14305
- CVE-2020-25643
- CVE-2019-19052

lldpd
- CVE-2020-27827

Avahi
- CVE-2017-6519

hostapd
- CVE-2021-30004
- CVE-2019-16275

OpenVPN
- CVE-2020-11810
- CVE-2020-15078

wpa
- CVE-2021-30004
- CVE-2021-27803
- CVE-2019-11555
- CVE-2019-9499
- CVE-2019-9498
- CVE-2019-9497
- CVE-2019-9496
- CVE-2019-9495
- CVE-2019-9494
- CVE-2017-13086
- CVE-2017-13084
- CVE-2017-13082
- CVE-2016-4476
- CVE-2015-8041

Fixed DoS vulnerability from spoofed sae authentication frame. Thanks to Efstratios Chatzoglou, University of the Aegean, Georgios Kambourakis, European Commission at the European Joint Research Centre, and Constantinos Kolias, University of Idaho.

Fixed envrams exposed issue. Thanks to Quentin Kaiser from IoT Inspector Research Lab contribution.

Please unzip the firmware file first then check the MD5 code.
MD5: 97009cd613c92155e69fe476a7fc22d6
Wow, that's quite a list of CVEs, perhaps a new record (without checking, or knowing how serious they are).
 
New ASUS firmware out today for AX86U - 3.0.0.4.386.45375

Version 3.0.0.4.386.45375

2021/08/31 74.93 MBytes

ASUS RT-AX86 Series(RT-AX86U/RT-AX86S) Firmware version 3.0.0.4.386.45375
This version includes several vulnerability patches.
BusyBox
- CVE-2016-2148
- CVE-2016-6301
- CVE-2018- 1000517

cURL
- CVE-2020-8169
- CVE-2019-5481
- CVE-2019-5482
- CVE-2018-1000120
- CVE-2018- 1000300
- CVE-2018-16839

Lighttpd
- CVE-2018-19052

Linux
- CVE-2020-14305
- CVE-2020-25643
- CVE-2019-19052

lldpd
- CVE-2020-27827

Avahi
- CVE-2017-6519

hostapd
- CVE-2021-30004
- CVE-2019-16275

OpenVPN
- CVE-2020-11810
- CVE-2020-15078

wpa
- CVE-2021-30004
- CVE-2021-27803
- CVE-2019-11555
- CVE-2019-9499
- CVE-2019-9498
- CVE-2019-9497
- CVE-2019-9496
- CVE-2019-9495
- CVE-2019-9494
- CVE-2017-13086
- CVE-2017-13084
- CVE-2017-13082
- CVE-2016-4476
- CVE-2015-8041

Fixed DoS vulnerability from spoofed sae authentication frame. Thanks to Efstratios Chatzoglou, University of the Aegean, Georgios Kambourakis, European Commission at the European Joint Research Centre, and Constantinos Kolias, University of Idaho.

Fixed envrams exposed issue. Thanks to Quentin Kaiser from IoT Inspector Research Lab contribution.
 
The version list fails to mention that DoT and DNS Filter are included in this release. This is a big plus and a feather in Merlin's bonnet as Asus used his code!
Thanks Eric!!!
There are more changes coming for the AX series. One is Wireguard.
 
@bbunge Wiregaurd VPN sounds intriguing. :D

I am wondering what ever happened to that past reported channel extension coming to the 5Ghz band.
 
Last edited:
The version list fails to mention that DoT and DNS Filter are included in this release. This is a big plus and a feather in Merlin's bonnet as Asus used his code!
Thanks Eric!!!
There are more changes coming for the AX series. One is Wireguard.
Any idea why there are frequent ASUS acknowledgments of contributions for patches etc from others but NEVER [that I have seen] from their greatest individual improvements contributor ... @RMerlin ???
 
They have given him credit. I remember seeing Asus reference RMerlin in previous firmware updates for Asus AC routers.
 
Any idea why there are frequent ASUS acknowledgments of contributions for patches etc from others but NEVER [that I have seen] from their greatest individual improvements contributor ... @RMerlin ???
They did it early on. Over time they probably just figured it was pointless to mention it every time it occurred. And I'm fine with that.
 
Wireguard sounds intriguing! Anyone here planning on switching to it from OpenVPN?
 
They did it early on. Over time they probably just figured it was pointless to mention it every time it occurred. And I'm fine with that.
Do Asus pay you for your code? Just wondering.
 
With this new firmware I am seeing:
dnsmasq-dhcp[1366]: DHCPACK(br0) ... lines in my System log....

not concerned, just not sure what it means....
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top