Firmware Release Notes SW01978-5.2.1.0 ====================================== Supported Products: R-PASS (A0) SSD (B0) Z-PASS2-RT-4G (A0) Z-PASS2-RT-4G (B0) Z-PASS2-RT-4G (C0) Z-PASS2-RT-4G-S (A0) Z-PASS2-RT-4G-S (B0) Z-PASS2-RT-4G-S (C0) Z-TWS4-RT-S (A0) Z-TWS4-RT-S (B0) Z-TWS4-RT-S (C0) Z-PASS1-RT (A0) Z-PASS1-RT (B0) Z-PASS1-RT (C0) ====================================== WARNING! - MAJOR RELEASE Firmware version 5.x can only be updated from version 4.9.0.0 or later. Updating from earlier versions may cause the device to freeze and become inoperable. After a factory reset, the web page and discovery tool will only be available on the LAN interface. To disable the firewall, go to Router Configuration and disable the firewall for each interface, or configure a firewall exception rule to specify which ports should be open on each interface. NEW: - Added a “Security” section to the web pages menu - Added a “security features” check, with the corresponding “Security Status” web page - Added a ‘watchdog’ to the digital outputs - Added “FW downgrade” protection, with the “Rollback Protection” parameter set to ON - Seneca device database: added the S534-6-MOD-MID and S534-100-MOD-MID devices FIX: - “Modem FW Upgrade”: change to restart the “services” at the end of the procedure, in case they were stopped - web pages: added some security-related warnings - Change to regenerate the web server’s default certificate when the MAC address is modified - Web pages: Change to allow a username to contain the ‘/’ character (specifically, for the “MQTT Configuration” page) - Fixed the issue where the “IP Configuration from Discovery” parameter was not set to OFF when the default admin password was changed via the GUI or web GUI - Change to attempt to prevent the situation where the file /data/znet_conf/CONFIG.tws is owned by root and cannot be overwritten by Z-NET4 - Fixed the issue where, upon upgrading from rel.4 to rel.5, the production user was not deleted when the system was not in factory default mode - Router configuration: Removed the check for the presence of another instance of the script, because in the case of the Tecnosystem customer using VPNBox SingleLAN, this led to the absence of certain firewall rules—specifically the “accept” rule—which made it impossible to log in via the web page and GUI