当前位置：首页 > 华硕官方固件 > 正文内容

ASUS Blue Cave 3.0.1.4.383.19267

bingge8年前 (2018-05-26)华硕官方固件57650

版本 3.0.1.4.383.192672018/05/2434.88 MBytes

ASUS Blue Cave Firmware version 3.0.1.4.383.19267
Add
-MU-MIMO feature
-IPTV Stuff-Fibre profile supported

Optimize
-Wireless networking configuration
-USB disk access performance

Fixed
-DFS channel switch issue
-OpenVPN client authentication issues.
-Traffic Analyzer web GUI display issue
-Smart Sync Stored XSS vulnerabilities.
-CVE-2018-8877, CVE-2018-8878, CVE-2018-8879
-XSS vulnerability. Thanks to Yonghui Han of Fortinet's FortiGuard Labs
-Information disclosure vulnerability. Thanks to Haitan Xiang and Fand Wang.
-CVE-2018-5721 Stack-base buffer overflow vulnerability
-CVE-2018-8826 remote code code execution vulnerability. Thanks to Chris Wood.
-CVE-2018-5999 HTTP authorization bypass and CVE-2018-6000. An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
-Remote code execution vulnerability. Thanks to David Maciejak of Fortinet's FortiGuard Labs
-CVE-2017-14491: DNS - 2 byte heap based overflow
-CVE-2017-14492: DHCP - heap based overflow
-CVE-2017-14493: DHCP - stack based overflow
-CVE-2017-14494: DHCP - info leak
-CVE-2017-14495: DNS - OOM DoS
-CVE-2017-14496: DNS - DoS Integer underflow
-CVE-2017-13704: Bug collision
-AiCloud 2.0 Reflected XSS Vulnerability. Thanks to Guy Arazi and Niv Levi contribution.

Thanks to Guy Arazi for following vulnerabilities.
-AiCloud 2.0 Stored XSS Share link manager.
-AiCloud 2.0 Reflected XSS - "share a link"
-Download Master HTTP service DoS vulnerability.
-Download Master Reflected XSS Main login.

Please unzip the firmware file first then check the MD5 code.
MD5: e52d4f7f9a82fc03af01964793f35290