Release ASUS ZenWiFi XD4 Firmware version 3.0.0.4.388_25041 (2024/09/05)

[fruitcornbread]

Version 3.0.0.4.388_25041
55.17 MB
2024/09/05

Security Fixes
- Resolved command injection vulnerability.
- Resolved DoS vulnerabilities in HTTPD and firewall configuration pages.
- Addressed ARP poisoning vulnerability.
- Addressed information disclosure vulnerability.
- Corrected code execution issue in custom OVPN.
- Corrected an OpenVPN vulnerability categorized as CWE-134.
- Corrected null pointer dereference vulnerabilities.
- Patched OpenSSL vulnerabilities.
- Fix CVE-2022-46871 and CVE-2023-35720.
- Fix CVE-2023-28702 and CVE-2023-28703.
- Fix XSS and self-reflected HTML injection vulnerabilities.
- Enabled and supported ECDSA certificates for Let's Encrypt.
- Enhanced system stability.
- Enhanced FFmpeg vulnerabilities.
- Enhanced protection for OTA firmware updates and credentials.
- Improved several curl vulnerabilities.
- Improved the cfg server vulnerability.
- Improved WireGuard performance.
- Strengthened defenses against SSH brute force attacks.

Please unzip the firmware file, and then verify the checksum.
SHA256: a604d27590eb9012a643593ce3b4f100e9e828af8c010a41fc05b24cea9b59c3

Download: https://dlcdnets.asus.com/pub/ASUS/wireless/ZenWiFi Mini AX XD4/FW_ZENWIFI_XD4_300438825041.zip?model=ZenWiFi Mini AX XD4

 

[slurmsmckenzie]

It is interesting to see that the XD4 has finally got an update to 388. I have an XD4 as a mesh node (with an AX86U as the main AiMesh router) and it has worked well for 2 years.

I wonder how important it is for me to update the XD4 with this new firmware under my setup - I can see there are lots of vulnerabilities fixed but as I'm not using it as my primary router does that change anything?

Just don't want to apply this update and see problems when everything is good right now.

 

[jksmurf]

I’m hoping this heralds an update for the XD6

 

[xgrey]

The XP4 is also waiting for a miracle from Asus

 

[aardbeix15]

finally this release, for me this solves an instability issue I had in combination with the latest firmware for the AX86U router
After some minutes the XD4 caused network 'noise' (dropped connection, slow streaming, dns failing etc.) on devices in the network, immediately after disconnecting the devices this issue was away from my network.

Release - ASUS RT-AX86 Series(RT-AX86U/RT-AX86S) Firmware version 3.0.0.4.388_24243 (2024/05/13)

I rolled back the update yesterday to the firmware version of November 2023 (FW_RT_AX86U_AX86S_300438823285). Installation went smoothly, but I continued to have a very slow signal on all kinds of clients, wired and via WiFi. Also after rebooting or reconnecting the clients. Slow DNS resolving...

www.snbforums.com