Friendly reminder that OpenWrt exists, and is probably safer than the stock firmware in any consumer router.
From a quick look, I see that at least one of the affected models has official OpenWrt support: the RT-AC68U
I thought OpenWRT doesn’t support modems due to licencing issues.
So, I guess you would need a separate modem, or ISP router in bridge mode, or double NAT with OpenWRT being DMZI can only get merlin on my rt-ax86u pro. Only aimesh for me!
I got fed up with trying to find the right firmware each time. It was too much of a hassle. Then small issues with the one I had… you need an earlier version… I love the idea, it was just a pain.
Friendly reminder that OpenWrt supports Raspberry Pi and every Pi from 3 onwards makes for a great, inexpensive router. Adding WiFi can be done with any off-the-shelf WiFi router or access point, brand new or second hand. Since they aren’t exposed to the Internet, remote vulnerabilities are significantly mitigated.
Yup. I use a CM4 with a DFRobot router board running openwrt. Works great.
According to the CVE it looks like my XT8 is already updated beyond the affected version. It says through version 3.0.0.4.388_24609 and mine is version 3.0.0.4.388_24621.
I also noticed this vulnerability was posted on May 29th with the last update being June 13th. Seems like this a report that’s already outdated.
Thanks for the reminder to switch to merlin firmware.
Will that let you download speeds greater than 160 mbps? The last time I tried Merlin, the ASUS router I had wouldn’t download at full speed allowed by my internet connection?
I’m getting full speed (currently 290mbps on verizon 5g).
Curious to know if this affects the DD-WRT style firmware as well?
That site… even the model list is an advertorial.
- XT8 (ZenWiFi AX XT8)
- XT8_V2 (ZenWiFi AX XT8 V2)
- RT-AX88U
- RT-AX58U
- RT-AX57
- RT-AC86U
- RT-AC68U
Absolutely. Like why in the world would the article have a list of features included in each model of router?
Anyone got a link to the vulnerability information? I’d like to try it out on my router just for fun.
It’s really too bad I’m unable to update my firmware until I agree to let ASUS sell my data.
Interestingly, I didn’t get any prompts. It did tell me to manually restart the router but once it did, no prompts. RT-AC68U running 3.0.0.4.386_51915
