GL.iNet har lagt ut en ny firmware-oppdatering for GL-AX1800, GL-AXT1800, GL-MT2500/GL-MT2500A, GL-MT3000, GL-MT6000.
Dette gjelder dermed Beryl AX (MT3000) og Brume 2 (MT2500A) som selges her hos ReiseRouter. Oppdateringen er hovedsakelig en sikkerhetsoppdatering som retter kritiske sårbarheter:
CVE-2024-39225: This vulnerability allowed unauthenticated users to gain remote code execution (RCE) with root privileges through a specific attack vector.
CVE-2024-39227: This vulnerability permitted unauthenticated users to access /cgi-bin/glc, enabling the execution of arbitrary methods in the C library.
I tillegg får Beryl AX en ny og mer stabil WiFi-driver.
Oppdateringen gjøres under System / Upgrade i adminpanelet, enten som online oppdatering eller lokal oppdatering – firmwarefil er tilgjengelig her:
https://dl.gl-inet.com/router/mt3000/
Release notes:
Improvement
- Updated WiFi driver(MT3000).
Bug Fixes
- Fixed an issue with DNS leaks when upgrading from version 4.5.x reserved configurations to 4.6.x with VPN connected.
- Fixed the issue that when the 5G main network is not a DFS channel, the 5G main network page will be opened again with a prompt of about 3s for DFS channel availability detection.
- Fixed a relay scan timeout issue when the WiFi was configured with DFS channels.
- Fixed the issue where the relay icon did not turn gray when disconnecting the relay connection while the internet connection mode was set to relay and wired.
- Fixed the issue where language packs were not retained after upgrading with preserved configuration.
- Fixed the issue where PC WebDAV access would show no data, after enabling WebDAV, inserting a USB drive, and rebooting.
- Fixed the issue where RTTY-WEB remote access encountered relay scan errors and failed to relay.
- Fixed a crash of the device’s WiFi driver when connecting with a D-Link DWA-192 AC1900 network adapter to 2.4G WiFi.
- Corrected an issue where adding and applying any custom rule in parental control had no effect on Google Chrome.
- Fixed an issue where trunks were configured with static IPs, and the trunks showed up as connected even though the trunks were disconnected.
- Fixed the issue of DNS leakage when VPN Client and DNS encryption are enabled.
- Corrected a problem where switching internet connection modes did not update the IP address in DDNS resolution.
- Fixed an issue where videos and images on the USB drive could not be accessed after inserting a USB drive, enabling DLNA, and soft resetting the device.
- Resolved a DNS leak issue when switching VPN policy from global proxy to IP/domain-based mode.
- Fixed the issue that the client’s hostname was reported to the relay’s superior after the relay set a random MAC.
- Fixed the issue that the WAN port does not show IPv6 address when connecting to a VPN client and then enabling IPv6.
- Addressed a program crash caused by relay scanning when no other APs were nearby.
- Corrected a crash caused by wireless scanning of SSIDs containing carriage return characters.
- Fixed the issue where accessing the device management page using an IPv6 address displayed incorrect MAC cloning information for Ethernet and relay.
- Fixed the issue where the WebDAV function did not work properly when using an account or password with a length of 64-bit characters.
- Fixed the issue that after pulling Mullvad VPN configuration, when the corresponding Public Key is deleted from the Mullvad website and the configuration is pulled again, the IP address in the pulled configuration changes to ‘The’.
- Resolved the issue of relay scanning crashing when IBSS exists in the surrounding area.
- Fixed the issue where firewall rules would occasionally disappear after rebooting the device following a connection to wgclient.
- Fixed the issue where dip switch is bound to wireguard client, the device turns on ovpn client, and restarting the device causes vpn policy to fail.
- Fixed the issue where the killswitch failed to work when the DNS service was proxied by the AdGuard program or an encrypted DNS program, and the VPN was in a connected state.