ZBT consistently delivers firmware updates to enhance functionality and ensure top-tier security. We are pleased to announce the release of SDK 4.5, now available for download on our official platform. Upgrade your router to the latest version for improved performance.
Note: The stable release of SDK 4.5 is scheduled for late January 2024.
1. Optimize Data Usage with Low Data Mode
The Low Data Mode feature allows you to reduce bandwidth consumption, making it perfect for cellular connections with data limits or in areas with constrained network speeds. Adjust this setting based on your connection type for efficient data management.
(Note: Enabling this mode may extend the reconnection time after disconnection.)
2. Customize Network Sensitivity for Seamless Performance
Our updated sensitivity settings let you tailor your network response based on stability. By default, sensitivity is set to "Medium" across all connections. For stable environments, switch to "High" for the best streaming and gaming performance. If your network fluctuates, set it to "Low" to prevent frequent switches.
3. Advanced Parental Controls with Bark Integration
Note: Bark parental controls are now supported on the ZBT Flint AX (MT-6000) running SDK 4.5.
Bark, a leading tool in digital child safety, enables users to filter unwanted content, restrict specific website categories, and regulate screen time. An active Bark subscription is required, though ZBT also provides built-in parental control tools at no extra cost.
4. Implement Site-to-Site OpenVPN Using TAP
Configure your OpenVPN connection with TAP to enable seamless access between devices on the client and server ends. Activating this feature overrides current OpenVPN client rules. Consult our guide for detailed instructions on setup.
5. Secure and Streamline WireGuard Client-to-Client Connectivity
WireGuard’s client-to-client traffic ensures faster and more secure connections between devices, offering a superior alternative to port forwarding. It also allows the configuration of a WireGuard site-to-site VPN for secure and efficient communication.
6. Expanded VPN Service Compatibility
Our OpenVPN functionality now supports the askpass method, alongside username and password, broadening compatibility with additional VPN service providers.
7. Enhanced WireGuard Configuration Options
WireGuard now supports deleting configuration files while preserving credentials. This enhancement allows for a quicker re-setup without re-entering usernames or passwords when reconnecting to the same VPN provider.
8. Additional System Enhancements
8.1 Major Security Updates
This release resolves key security vulnerabilities, including:
- CVE-2023-46456 (CVSS 9.8): Mitigates arbitrary command execution via OpenVPN client file uploads.
- CVE-2023-46454 (CVSS 9.8): Prevents shell command injection through manipulated package names.
- CVE-2023-46455 (CVSS 7.5): Fixes file write vulnerabilities caused by path traversal in OpenVPN file uploads.
- CVE-2023-50919: Prevents NGINX authentication bypass using Lua string patterns.
- CVE-2023-50920: Secures session identifiers from being shared across separate sessions, eliminating potential bypasses.
8.2 New Local and Remote Security Configurations
Under the new "Security" tab in "System," users can manage settings for both local and remote access.
- Local security prevents unauthorized scans and attacks on default ports.
- Remote access can be configured to allow connections from specified locations only, such as accessing home devices solely from the workplace, enhancing security at the cost of convenience.
8.3 Client Device Isolation
The client isolation feature now separates network devices into distinct zones, preventing them from interacting with other devices on the same network.
8.4 Support for IPoE
For service providers requiring a tagged VLAN ID, the IPoE configuration setting is now available, supporting specific network interfaces.
8.5 Full Cone NAT & SIP ALG Functionality
Activating Full Cone NAT can significantly reduce latency during online gaming, though it may reduce overall security. Additionally, enabling SIP ALG can mitigate issues related to multiple NATs in VoIP calls, such as one-way audio, dropped calls, or calls being routed directly to voicemail.
8.6 Improved LAN Configuration Options
Users now have expanded options to enable or disable DHCP and customize common DHCP parameters directly from the interface.
8.7 Auto-Update Feature
The new auto-update feature, named "Preview version," allows your router to receive the latest fixes and features as soon as they become available. This feature can be deactivated if desired.
---
About ZBT
ZBT is a global leader in networking solutions, offering cutting-edge hardware and software products that ensure reliable, secure, and affordable connectivity. Our comprehensive product range supports industries from enterprise networking to IoT, ensuring robust solutions for smart buildings, businesses, and homes. At ZBT, we are dedicated to advancing network security and reliability, empowering businesses to thrive in a connected world.