fruitcornbread
Senior Member
Version 3.0.0.4.388_25541
76.81 MB
2026/01/15
Security Enhancements:
-Strengthened input validation and data processing workflows to further protect information security.
-Enhanced AiCloud password protection mechanisms, safeguarding against unauthorized access attempts.
-Enhanced device security through improved buffer handling in connection features.
-Refined data handling processes, ensuring secure and accurate information management.
-Enhanced file access control mechanisms, promoting a more secure operating environment.
-Strengthened certificate protection, providing enhanced data security.
-Enhanced input parameter handling techniques to improve data processing stability and system security.
-Password Policy Upgrade – Minimum of 10 characters, including at least one letter, one digit, and one special character; disallows consecutive identical characters; hardens defense against brute-force attacks.
-HTTPS on 8443 – Management interface now served over TLS by default.
-UPnP Disabled – Universal Plug and Play starts in the off state for reduced surface exposure.
-AiCloud Authentication Hardening (CWE-287) – Added layered verification.
-Authentication Logic Refactor – Removed redundant code paths for a lean sign-in flow.
-Memory Safety Guard (CWE-476) – Introduced null-reference protections across critical services.
-Enhanced IPsec Parameter Validation – The existing input checks have been hardened.
-Data Exposure Mitigation (CWE-200) – Reinforced controls on sensitive pathways.
-Detailed Audit Trails – Expanded logging within the authentication module.
-Enhance system access control mechanisms.
-Addressed multiple security weaknesses in AiCloud service by enforcing strict credential verification, implementing robust file path validation, and hardening command execution logic to prevent unauthorized access and manipulation of system resources.
Bug Fixes and Enhancements:
-Fixed the UI compatibility issue with the Chrome browser update.
-Improved compatibility with IoT devices on WPA2/WPA3 networks.
-Fixed client binding issues in Mesh scenarios.
-Enhanced input validation and refactored legacy string handling routines to ensure robust memory management.
-Implemented comprehensive validation and expanded command filtering in the web history API.
-Fixed a privilege escalation vector in the IFTTT token exchange mechanism.
-Strengthened input validation and directory handling in the VPN configuration upload interface.
-Fixed an issue that allowed certain user settings to be bypassed, improving overall user control and protection.
-Stability enhancements.
ZIP SHA-256 : ABDD9416A026CECFD70481B6057C0D718D9FF897C877348CF60EFB158F0B66D5
FW SHA-256 : 188764a2ae462940ba2828b59d273f3c20f0e3349934748ba532cb468dff7609
Download: https://dlcdnets.asus.com/pub/ASUS/wireless/ZenWiFi XD6/FW_XD6_300438825541.zip?model=ZenWiFi XD6
(You will need to copy the link and paste it in a browser for the link above to work.)
www.asus.com
@jksmurf FYI
76.81 MB
2026/01/15
Security Enhancements:
-Strengthened input validation and data processing workflows to further protect information security.
-Enhanced AiCloud password protection mechanisms, safeguarding against unauthorized access attempts.
-Enhanced device security through improved buffer handling in connection features.
-Refined data handling processes, ensuring secure and accurate information management.
-Enhanced file access control mechanisms, promoting a more secure operating environment.
-Strengthened certificate protection, providing enhanced data security.
-Enhanced input parameter handling techniques to improve data processing stability and system security.
-Password Policy Upgrade – Minimum of 10 characters, including at least one letter, one digit, and one special character; disallows consecutive identical characters; hardens defense against brute-force attacks.
-HTTPS on 8443 – Management interface now served over TLS by default.
-UPnP Disabled – Universal Plug and Play starts in the off state for reduced surface exposure.
-AiCloud Authentication Hardening (CWE-287) – Added layered verification.
-Authentication Logic Refactor – Removed redundant code paths for a lean sign-in flow.
-Memory Safety Guard (CWE-476) – Introduced null-reference protections across critical services.
-Enhanced IPsec Parameter Validation – The existing input checks have been hardened.
-Data Exposure Mitigation (CWE-200) – Reinforced controls on sensitive pathways.
-Detailed Audit Trails – Expanded logging within the authentication module.
-Enhance system access control mechanisms.
-Addressed multiple security weaknesses in AiCloud service by enforcing strict credential verification, implementing robust file path validation, and hardening command execution logic to prevent unauthorized access and manipulation of system resources.
Bug Fixes and Enhancements:
-Fixed the UI compatibility issue with the Chrome browser update.
-Improved compatibility with IoT devices on WPA2/WPA3 networks.
-Fixed client binding issues in Mesh scenarios.
-Enhanced input validation and refactored legacy string handling routines to ensure robust memory management.
-Implemented comprehensive validation and expanded command filtering in the web history API.
-Fixed a privilege escalation vector in the IFTTT token exchange mechanism.
-Strengthened input validation and directory handling in the VPN configuration upload interface.
-Fixed an issue that allowed certain user settings to be bypassed, improving overall user control and protection.
-Stability enhancements.
ZIP SHA-256 : ABDD9416A026CECFD70481B6057C0D718D9FF897C877348CF60EFB158F0B66D5
FW SHA-256 : 188764a2ae462940ba2828b59d273f3c20f0e3349934748ba532cb468dff7609
Download: https://dlcdnets.asus.com/pub/ASUS/wireless/ZenWiFi XD6/FW_XD6_300438825541.zip?model=ZenWiFi XD6
(You will need to copy the link and paste it in a browser for the link above to work.)
ASUS ZenWiFi XD6 Series(XD6/XD6S)
AX5400 Whole-Home Dual-Band Mesh WiFi 6 System – Coverage up to 5,400 Sq. ft. / 4+ rooms, easy setup, life-time free network security & parental controls
www.asus.com
@jksmurf FYI
