Release ASUS GT-BE98 Firmware version 3.0.0.6.102_37902 (2025/08/14)

[IcesnapIL]

ASUS GT-BE98 Firmware version 3.0.0.6.102_37902

Version 3.0.0.6.102_37902
69.13 MB 2025/08/14
SHA-256 :17EF565A15F23390A749C29C41B130D8EB0F39946842C47D66DEFC0251FDAAF8
Important: After installing this firmware, we strongly recommend performing a factory-default reset to activate every new security adjustment.

Security Enhancements
- Password Policy Upgrade – Minimum 10 characters with at least 1 letter, 1 digit and 1 special symbol, and no consecutive identical characters; hardens defence against brute-force attacks.
- HTTPS on 8443 – Management interface now served over TLS by default.
- UPnP Disabled – Universal Plug and Play starts in the off state for reduced surface exposure.
- AiCloud Authentication Hardening (CWE-287) – Added layered verification.
- Authentication Logic Refactor – Removed redundant code paths for a lean sign-in flow.
- Memory Safety Guard (CWE-476) – Introduced null-reference protections across critical services.
- Enhanced IPsec Parameter Validation – The existing input checks have been hardened.
- Data Exposure Mitigation (CWE-200) – Reinforced controls on sensitive pathways.
- Detailed Audit Trails – Expanded logging within the authentication module.

System Improvements
- Connection Stability – Core algorithms refined for steadier links.
- Scheduling Accuracy – Timed tasks execute reliably under PPPoE, PPTP and L2TP WAN modes.
- Client List Maintenance – Resolved an issue that prevented offline devices from being removed from the client list

ROG-Republic of Gamers | Deutschland | ASUS

Entdecke die Welt von ASUS - Alles rund um die besten Mainboards, Grafikkarten, Monitore, Notebooks und vieles mehr erfährst Du auf der offiziellen ASUS-Seite.

rog.asus.com

 

[Thermaltake]

Interesting, it's just factory reset will give me half an hour of getting back everything like it was...

 

[BoostOver]

First bug:

 

[jixiangyuan]

- Password Policy Upgrade – Minimum 10 characters with at least 1 letter, 1 digit and 1 special symbol, and no consecutive identical characters; hardens defence against brute-force attacks.

So I thought the password policy applied to the Wi-Fi password, in which case your Wi-Fi would have a lower chance of being cracked through online or offline dictionary attacks. But it turns out this policy only applies to the password for the admin page (which already has CAPTCHA in place to prevent brute-force attacks). On top of that, they don’t allow consecutive identical characters in the admin page password (which is stricter than most online services), and I’m sure many people will end up forgetting their password after setting it. Good job ASUS.

I’m sure this will follow the path of the forced AES+GCMP256 encryption they pushed in a few firmware updates earlier (hint: they don’t enforce this policy anymore).

 

[Thermaltake]

First bug:
View attachment 67391View attachment 67392View attachment 67393

What is bug here ?

 

[BoostOver]

What is bug here ?

is just ridiculous.
The new settings are activated anyway.
What's the point of wasting time restoring?

 

[dannyvdmoo]

Eerste fout:
View attachment 67391View attachment 67392View attachment 67393

 

[dannyvdmoo]

wat is de bug????? die is er niet onzin

 

[BoostOver]

The first image is inconsistent with the second.
Come on, a little intellectual effort.

 

[bennor]

wat is de bug????? die is er niet onzin

English only please.

 

[Ripshod]

First bug:
View attachment 67391View attachment 67392View attachment 67393

For a service that's disabled? No error. Activate it and see it working properly.

 

[BoostOver]

For a service that's disabled? No error. Activate it and see it working properly.

The fact remains that the two screenshots were taken simultaneously.
An unwary user could be fooled.

 

[BoostOver]

Bandwidth Monitor has never worked and will never work properly.

 

[Ripshod]

The fact remains that the two screenshots were taken simultaneously.
An unwary user could be fooled.

Until such time as you provide us with unaltered original images to prove that I think we should consider this matter closed. The second image for the scan results would show the samr whether AiProtection is enabled or disabled - so it's not evidence of anything.

 

[Ripshod]

The fact remains that the two screenshots were taken simultaneously.
An unwary user could be fooled.

Until such time as you provide us with unaltered original images to prove that I think we should consider this matter closed. The second image for the scan results would show the sa whether AiProtection is enabled or disabled - so it's not evidence of anything.

 

[Ripshod]

Bandwidth Monitor has never worked and will never work properly.
View attachment 67402

Are you serious? Known issue, discussed many times.

 

[BoostOver]

Until such time as you provide us with unaltered original images to prove that I think we should consider this matter closed. The second image for the scan results would show the sa whether AiProtection is enabled or disabled - so it's not evidence of anything.

Do I alter the images?
Did I write that the service doesn't work?
I highlighted that the two images are inconsistent.

 

[Ripshod]

I highlighted that the two images are inconsistent.

You're highlighting something most of us have been living with a long time.
Not a bug specific to this alpha.

 

[dannyvdmoo]

ASUS GT-BE98 Firmwareversie 3.0.0.6.102_37902

Versie 3.0.0.6.102_37902
69,13 MB 2025/08/14
SHA-256: 17EF565A15F23390A749C29C41B130D8EB0F39946842C47D66DEFC0251FDAAF8
Belangrijk: Nadat u deze firmware hebt geïnstalleerd, raden wij u ten zeerste aan om de fabrieksinstellingen te herstellen om nieuwe beveiligingsaanpassingen te activeren.

Beveiligingsverbeteringen
- Upgrade van wachtwoordbeleid: minimaal 10 tekens met minimaal 1 letter, 1 cijfer en 1 speciaal symbool, en geen opeenvolgende identieke tekens; versterkt de verdediging tegen brute-force-aanvallen.
- HTTPS op 8443 – Beheerinterface wordt nu standaard via TLS aangeboden.
- UPnP uitgeschakeld – Universal Plug and Play start in de uitgeschakelde stand voor minimale blootstelling van het oppervlak.
- AiCloud Authentication Hardening (CWE-287) – Gelaagde verificatie toegevoegd.
- Refactoring van authenticatielogica: overbodige codepaden verwijderd voor een slanke aanmeldingsstroom.
- Memory Safety Guard (CWE-476) – Null-referentiebeveiliging geïntroduceerd voor kritieke services.
- Verbeterde IPsec-parametervalidatie: de bestaande invoercontroles zijn verscherpt.
- Beperking van blootstelling aan gegevens (CWE-200) – Versterkte controles op gevoelige paden.
- Gedetailleerde audit trails – Uitgebreide logging binnen de authenticatiemodule.

Systeemverbeteringen
- Verbindingsstabiliteit – Kernalgoritmen verfijnd voor stabielere verbindingen.
- Planningnauwkeurigheid: getimede taken worden betrouwbaar uitgevoerd in de PPPoE-, PPTP- en L2TP WAN-modi.
- Onderhoud van de clientlijst: een probleem opgelost waardoor offline apparaten niet uit de clientlijst konden worden verwijderd

ROG-Republic of Gamers | Deutschland | ASUS

Entdecke die Welt von ASUS - Alles rund um die besten Mainboards, Grafikkarten, Monitore, Notebooks und vieles mehr erfährst Du auf der offiziellen ASUS-Seite.

rog.asus.com

Nou, het draait nu al 2 dagen...Oké
with 2 bt8 wifi 7 and fiber 2 gig ...for now NO complains

 

[dannyvdmoo]

what should work???? default server host?