OpenWRT 25.12.5 - fixes huge number of CVE's - Flint2 still on 24.10.4

Flint 2 OP24-4.9.0 is looking very old and risky given this:

Security fixes

This release fixes several remotely triggerable vulnerabilities in
core network services that are enabled by default. Updating is strongly
recommended.

Beyond the issues listed above, this release fixes a number of
further security problems for which no CVE number or dedicated advisory
was assigned. We strongly recommend upgrading

That’s an enormous number of vulnerabilities that GL-inet Flint 2 potentially exposes its users to.

When will Flint 2 get an update that is actually up to date with 25.12.5?

4 Likes

Hi

Thank you for bringing this to our attention.

The Flint 2 OP25 firmware is currently in the final stages of development. Assuming testing goes smoothly and we don't discover any major issues that would significantly impact usability, it should be ready for release soon.

3 Likes

Excellent.

Will it resolve all those CVE’s fixed in 25-12.5?

It should be 25.12.5, so the CVE vulnerability will be fixed just like the upstream version.

3 Likes

That’s good news, Will.

I really like GL-inet’s user interface.

Combined with the latest openwrt security fixes makes it a really great product.

What will the WiFi power levels be like compared to OP24? I read people saying the 4.9.0 releases were much weaker.

Will this release work with the Android app / parental controls. I note the May 2026 version still hasn’t resolved the issue with trying to update the schedules.

Will these security fixes be made available to other models such as the Beryl AX soon? These are some very important CVE’s to patch.

1 Like

Hi

Our development team is currently evaluating whether other models are affected and whether they also require a fix. This may take some additional time.

We'll let you know if we have any updates.

(post deleted by author)