Security related improvements will be great like:
- set more security default values Like WPA2/WPA3 than only WPA2 and some other WiFi related non secure default values. Check the advanced admin menu.
- don’t blow the router name around by NETBIOS
- run only services which are used, like don’t run OPENVPN and Wireguard, don’t rung OpenVPN Server, Wireguard server and dropebear if not used
- Replace the not secure NTP by a secured one from Cloudflare or use a DNS based timesource. Thats should protect from easy faking the time and by this the certificates validity of certificates.
- Fix the Cloudflare related DNS bug or disable the use of Cloudflare.
For the rest of longer list of possible improvements and of a fix waiting bugs, check the follow: