ASUS RT-AC86U – Official Thread

[UK Sentinel]

NEW ASUS RT-AC86U  Firmware version 3.0.0.4.384_81792

Date: 2020/04/14

ASUS RT-AC86U Firmware version 3.0.0.4.384.81792
– Improved connection stability.
– Optimized CPU utilization.

Firmware available from ASUS Upgrade process or via there download servers, or via link below

ASUS RT-AC86U Firmware version 3.0.0.4.384_81792

 

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[UK Sentinel]

Looks like ASUS have now pulled 384_81792 globally from all their download servers for the RT-AC86U due to some features not working as expected – alas unsure if there are any related security issues 

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[UK Sentinel]

Latest ASUS RT-AC86U Firmware version 3.0.0.4.386.51255

Version 3.0.0.4.386.51255

Release Date: 2023/03/02

1.Fixed HTTP response splitting vulnerability.
2.Fixed Samba related vulerabilities.
3.Fixed cfg server security issues.
4.Fixed Open redirect vulnerability.
5.Fixed token authentication security issues.
6.Fixed security issues on the status page.
7.Fixed XSS vulnerability.
8.Fixed CVE-2022-26376
9.Fixed CVE-2018-1160
10.Fixed IPv6-related bugs.
11.Added a new login URL http://www.asusrouter.com to fixed the login issues.
12.Optimize the AiMesh web interface
13.Fixed network map UI bugs
14.Fixed bugs related to Wi-Fi calling.
15.Supported web history record exported.
16.Fixed IPSec VPN server compatibility with Windows 10 VPN client.
17.Improved AiMesh connection stability.
18.Fixed IPTV issues.

https://www.asus.com/supportonly/rt-ac86u/helpdesk_bios/?model2Name=RT-AC86U

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[UK Sentinel]

Latest Release: ASUS RT-AC86U Firmware version 3.0.0.4.386.51529

Version 3.0.0.4.386.51529

Release Date: 2023/04/13

Security updates:
-Fixed DoS vulnerabilities in firewall configuration pages. Thanks to Jinghe Gao’s contribution.
-Fixed DoS vulerabilities in httpd. Thanks to Howard McGreehan.
-Fixed information disclosure vulnerability. Thanks to Junxu (Hillstone Network Security Research Institute) contribution.
-Fixed CVE-2023-28702 and CVE-2023-28703. Thanks to Xingyu Xu(@tmotfl) contribution.
-Fixed null pointer dereference vulnerabilities. Thanks to Chengfeng Ye, Prism Research Group – cse hkust contribution.

https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ac86u/helpdesk_bios/?model2Name=RT-AC86U

 

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[UK Sentinel]

Latest ASUS RT-AC86U Firmware version 3.0.0.4.386.51915

Version 3.0.0.4.386.51915

Release Date: 2023/07/10

Security updates:
-Fixed the cfg server vulnerability.
-Fixed the vulnerability in the logmessage function CVE-2023-35086/ CVE-2023-35087.
-Fixed lighttpd vulnerability, CVE-2023-35720.
-Fixed several curl vulnerabilities including CVE-2023-28322, CVE-2023-28321, and CVE-2023-28319.
-Fixed FFmpeg vulnerabilities, specifically CVE-2022-3964, CVE-2022-48434, and CVE-2022-3109.
-Fixed OpenSSL vulnerability, CVE-2023-0464.
-Fixed ReadyMedia vulnerabilitym CVE-2020-28926.
-Fixed UPnP vulnerability CVE-2020-12695.
-Patched a command injection vulnerability.
-Upgraded sqlighte and resolved CVE-2020-11656 / CVE-2019-19646 / CVE-2019-8457 / CVE-2020-11655 / CVE-2018-20505 / CVE-2019-16168 / CVE-2019-19645 / CVE-2020-13435 / CVE-2020-13631 / CVE-2020-13434
-Strengthened protection against SSH brute force attacks.

https://www.asus.com/uk/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ac86u/helpdesk_bios/?model2Name=RT-AC86U

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[UK Sentinel]

Latest ASUS RT-AC86U Firmware version 3.0.0.4.386_51925

Version 3.0.0.4.386_51925

2024/03/29

– Fixed command injection vulnerability.
– Fixed the ARP poisoning vulnerability. Thanks to the contribution of Xin’an Zhou.
– Fixed code execution in custom OVPN. Thanks to the contrubution of Jacob Baines.
– Fixed the injection vulnerability in AiCloud.
– Fixed stack buffer overflow in lighttpd. Special thanks to Viktor Edstrom.
– Fixed CVE-2023-35720
– Fixed the code execution vulnerability in AiCloud. Thanks to the contribution of chumen77.
– Fixed the XSS and Self-reflected HTML injection vulnerability. Thanks to the contrubution of Redfox Cyber Security.

https://www.asus.com/uk/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ac86u/helpdesk_bios?model2Name=RT-AC86U

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[UK Sentinel]

Note: the ASUS RT-AC86U is on ASUS EOL (End of Life) list, so nice to see ASUS releasing new ‘fixes’ before Firmware releases are stopped (I assume)

https://www.asus.com/event/network/EOL-product/

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[citylightwalrus]

ASUS RT-AC86U Firmware version 3.0.0.4.386_51955
Version 3.0.0.4.386_51955
66.64 MB
2024/11/08

1. Strengthened input validation and data processing workflows to further protect information security.
2. Enhanced AiCloud password protection mechanisms, safeguarding against unauthorized access attempts.
3. Enhanced device security through improved buffer handling in connection features.
4. Refined data handling processes, ensuring secure and accurate information management.
5. Enhanced file access control mechanisms, promoting a more secure operating environment.
6. Strengthened certificate protection, providing enhanced data security.

Please unzip the firmware file, and then verify the checksum.
SHA256: af63aeb4ef335e2ebac521358103de451333b021ec82e59736854ae95a3424e0

https://www.asus.com/nz/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ac86u/helpdesk_bios?model2Name=RT-AC86U

Share the knowledge

Liked by:

You need to login in order to vote

[UK Sentinel]

Looks like ASUS are very busy with all these Security updates for there various RT routers.

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[UK Sentinel]

ASUS kindly released another firmware update for the  RT-AC86U even though the RT-AC86U is EoL.

ASUS RT-AC86U Firmware version 3.0.0.4.386_52294

2025/10/28

 

– Enhanced system stability.
– Enhanced input validation and refactored legacy string handling routines to ensure robust memory management.
– Mitigated security risks in AiCloud service by enforcing strict credential verification, implementing robust file path validation, and hardening command execution logic to prevent unauthorized access and manipulation of system resources.
– Implemented comprehensive validation and expanded command filtering in the web history API.G1
– Fixed a privilege escalation vector in the IFTTT token exchange mechanism
– Strengthened input validation and directory handling in the VPN configuration upload interface.
– Fixed an issue that allowed certain user settings to be bypassed, improving overall user control and protection.

 

https://www.asus.com/supportonly/rt-ac86u/helpdesk_bios?model2Name=RT-AC86U

 

Share the knowledge

In a completely sane world, madness is the only freedom (J.G.Ballard).

You need to login in order to vote

[Author]

Posts