14 DAY TRIAL // Today, AsusWrt-Merlin has announced the availability of firmware build 376.49.5 that fixes an ASUS infosvr bug (CVE-2014-9583 vulnerability) and adds an additional security improvement, namely corrects the memcpy() call (also an ASUS-related problem).
To be more specific about this CVE (Common Vulnerabilities and Exposures) ID, with certain ASUS official firmware versions, common.c in infosvr wouldn’t check the MAC address for a request as it should.
This gap allows unwanted users to run commands to UDP port 9999 at their own choice without authenticating. The described issue was discovered in Firmware 3.0.0.4.376.2524 for ASUS RT-AC66 and RT-N66, as well as other versions.
As for compatible devices, Merlin’s present update is supported by the same ASUS wireless units as its previous AsusWrt-Merlin Custom Firmware 376.49.4, namely RT-AC56, -AC66, -AC68, -AC87, -N16, and -N66 router models.
When it comes to installation, the update steps are similar to any regular firmware upgrade and the same recommendations apply. Thus, save and extract the appropriate archive, go to the administration page’s Update section, and use the .trx file to upgrade your device.
You should also know that you can revert to ASUS’s official firmware at any time by applying a proper update package.
With this in mind, download AsusWrt-Merlin Custom Firmware 3.0.0.4.376.49.5 for your specific router model, apply it on your device, and constantly check our website in order to stay “updated one minute ago.”
