RUT951 Firmware Downloads: Difference between revisions
no edit summary
mNo edit summary |
Gytispieze (talk | contribs) No edit summary |
||
(25 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
{{Template: | {{Template: Networking_rutos_firmware_downloads | ||
<!------------------------DEVICE-----------------------> | <!------------------------DEVICE-----------------------> | ||
| name = RUT951 | | name = RUT951 | ||
| series = RUT9M | | series = RUT9M | ||
<!-----------------------LATEST FW---------------------> | <!-----------------------LATEST FW---------------------> | ||
| | | latest_fw = RUT9M_R_00.07.02.7 | ||
| | | latest_date = 2022.09.12 | ||
| | | latest_md5 = b2058648ec51566e6c37735d65bbe357 | ||
<!-----------------------FACTORY FW--------------------> | <!-----------------------FACTORY FW--------------------> | ||
| | | factory_fw = RUT9M_R_00.07.02.7 | ||
| | | factory_date = 2022.09.12 | ||
| | | factory_md5 = b2058648ec51566e6c37735d65bbe357 | ||
}} | }} | ||
==Changelog== | |||
===<b>[[Media:RUT9M_R_00.07.02.7_WEBUI.bin|RUT9M_R_00.07.02.7]]</b> | 2022.09.12=== | |||
* <b>Improvements:</b> | |||
** Improved manual-auto connection mode | |||
* <b>Fixes</b> | |||
** Fixed AT command for SMS storage usage | |||
** Fixed CVE-2022-1012 memory leak vulnerability | |||
** Fixed CVE-2022-37434 kernel vulnerability | |||
** Fixed interface option reset after VLAN ID change | |||
** Removed memory leak on port events | |||
** Fixed WiFi Scanner out of range crash when iterating collected data | |||
===<b>[[Media:RUT9M_R_00.07.02.6_WEBUI.bin|RUT9M_R_00.07.02.6]]</b> | 2022.08.24=== | |||
* <b>Improvements:</b> | |||
** Added 'home.vodafone.de' APN | |||
** Improved stability of device information storage | |||
* <b>Fixes:</b> | |||
** Added SMSC type omitting when empty SMSC number parsed in SMS PDU mode | |||
** Fixed Serial-symlink dmesg messages | |||
** Fixed VoLTE management | |||
** Fixed OpenVPN tls-auth and tls-crypt option names | |||
===<b>[[Media:RUT9M_R_00.07.02.5_WEBUI.bin|RUT9M_R_00.07.02.5]]</b> | 2022.08.12=== | |||
* Improvements: | |||
** Updated curl to version 7.83.1 | |||
** Updated firmware validation error messages | |||
** Added multiple source IP address support to the Port Forwards page | |||
** Increased custom APN Username & Password field maximum length to 64 symbols | |||
** Added auto switch to modem's SMS storage when SIM card storage doesn't exist | |||
** Improved mobile connection status handling | |||
** Added CSP headers Hotspot WebUI landing page | |||
* Fixes: | |||
** Fixed CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208 curl vulnerabilities | |||
** Fixed CVE-2022-30065 busybox vulnerability | |||
** Fixed file upload path traversal | |||
** Removed Data to Server limit to proccess less than 10 instances | |||
** Fixed Data to Server 'out of memory' crashes when database is full or has a large amount of data | |||
** Fixed OpenVPN dev setting logic | |||
** Fixed OpenVPN updating from legacy issue that caused IPv6 not to work | |||
** Fixed MAC and leasetime setting for Bridge & Passthrough modes | |||
** Fixed modal tabs navigation when editing wireless interface with non-english languages | |||
** Fixed LAC/TAC parsing in 4G mode | |||
===<b>[[Media:RUT9M_R_00.07.02.4_WEBUI.bin|RUT9M_R_00.07.02.4]]</b> | 2022.07.20=== | |||
* Improvements: | |||
** Added default password change warning message before firmware downgrade | |||
** Extended time period for device to make connection to operator | |||
** Reduced the number of modem reboots when changing mobile settings | |||
** Reduced excessive log output when no SIM card is inserted | |||
** Added modem restart prevention on modem init | |||
** Added disable RPLMN option in the SIM section of the SIM card config | |||
* Fixes: | |||
** Fixed CVE-2022-2068 vulnerability | |||
** Disabled autoconnect on stop-network call | |||
** Fixed Hotspot login via landing page issue | |||
** Fixed FOTA communication issues | |||
===<b>[[Media:RUT9M_R_00.07.02.3_WEBUI.bin|RUT9M_R_00.07.02.3]]</b> | 2022.06.27=== | |||
* New Features: | |||
** Port Mirroring | |||
* Improvements: | |||
** Added ping to DNS IPv6 support | |||
** Added modem reset to default state after device FW upgrade | |||
** Modem init now checks NVRAM sensitive commands before setting | |||
** GSM output was made consistent | |||
** Updated FSTools package to version 2022-05-03 | |||
** Added security headers to web requests | |||
** Added default VoLTE value | |||
** Specified IP address family on operator control's ping to DNS feature | |||
* Fixes: | |||
** Fixed CVE-2019-12900 libbz2 vulnerability | |||
** Fixed behavior of some gsmctl commands | |||
** Fixed CVE-2022-23303 hostapd vulnerability | |||
** Fixed CVE-2022-29581 Linux kernel vulnerability | |||
** Fixed CVE-2022-29458 ncurses vulnerability | |||
** Fixed CVE-2022-1292 c_rehash script command injection vulnerability | |||
** Fixed band locking issue | |||
** Fixed race condition for wireless configuration initialization | |||
** Fixed operator control issue | |||
** Fixed VoLTE management issue | |||
** Fixed SIM card checking on modem init | |||
===<b>[[Media:RUT9M_R_00.07.02.1_WEBUI.bin|RUT9M_R_00.07.02.1]]</b> | 2022.06.06=== | |||
* Improvements: | |||
** Improved GSM related messages in Troubleshoot logs | |||
* Fixes: | |||
** Fixed IGMP Proxy menu item not appearing after package installation | |||
** Fixed default mobile network configuration generation | |||
** Fixed MODBUS write requests and Mobile Utils option setting | |||
===<b>[[Media:RUT9M_R_00.07.02_WEBUI.bin|RUT9M_R_00.07.02]]</b> | 2022.05.10=== | |||
* <b>New features</b> | |||
** Overview side widget | |||
** IGMP Proxy | |||
** Privileged Access Management (PAM) | |||
** AWS Greengrass support | |||
** HTTPS certificate and key upload feature | |||
** SSH public keys edit box | |||
** License page | |||
** MODBUS | |||
** DNP3 data for Data to Server | |||
* <b>Improvements</b> | |||
** Updated busybox to version: 1.34.1 | |||
** Updated curl to version 7.79.1 | |||
** Added iptables filter package for string filtering | |||
** Added CHAP authentication for L2TP VPN | |||
** Added IPv6 support for L2TPv3 VPN | |||
** Added EAP-MSCHAPV2 authentication method for IPsec VPN | |||
** Added IPv6 support to Auto Reboot | |||
** Added 'Save to flash' and 'Test configuration' button to DNP3 configuration page | |||
** Updated SNMP version 5.9.1 | |||
** Added OpenSSL authentication options to SNMPv3 | |||
** Added support for OSPF redistribution options and OSPF neighbors | |||
** Added password field to BGP Peers page | |||
** Extended BGP "AS" field validation to accept integers up to 4294967295 | |||
** Added "DHE+RSA" to OpenVPN cipher selections | |||
** Increased OpenVPN max password length from 128 bytes to 512 bytes | |||
** Made HMAC key direction initial value dependent on the role of the instance (client or server) | |||
** Made HMAC key and HMAC authentication key upload fields required | |||
** Added DES to IPsec encryption algorithms selections | |||
** Added special character support for CHAP secrets | |||
** Added validation requirements for PPTP user list username field | |||
** Added option to manually enter Public key in Wireguard configuration | |||
** Made generating Wireguard keys possible only while in auto mode | |||
** Added Events Log database to troubleshoot archive | |||
** Added RFC1918 filter field | |||
** Added the possibility to unblock multiple blocked devices at once | |||
** Added 'Port' column to blocked login attempts table | |||
** Added Speedtest server refresh | |||
** Updated Speedtest server list | |||
** Added asterisk option to Site Blocking | |||
** Added MD5 and SHA256 checksums to package validation page | |||
** Changed certificate requirements to only require client key file if client certificate is used | |||
** Added pagination and data retention between table pages | |||
** Added pagination functionality to tables when there are more than 10 records | |||
** Improved table sorting by saving user provided sort settings in the browser | |||
** Improved drag and drop functionality | |||
** Added the possibility to drag and drop files onto upload components | |||
** Moved 'Root CA' from the 'Access Control' page to the 'Certificates' page | |||
** Added 'Strict-Transport-Security' response header for HTTPS | |||
** Added 'breadcrumbs' to modal windows | |||
** Improved initial WebUI loading after login | |||
** Added mobile bytes sent and bytes received SNMP OIDs | |||
** Added mobile LED turn off feature ('System -> Administration' page) | |||
** Added 'iot.1nce.net', 'internet', 'VZWINTERNET' and Truphone APNs to APN database | |||
** Updated mobile usage data point calculation logic | |||
** Added the possibility to manually enter operator number | |||
** Improved obtain mobile cell ID process | |||
** Added modem restart if SIM card is removed during APN database fetching process | |||
** Added unauthorized call logging | |||
** Added space character support in SMS commands | |||
** Disabled SMS modem storage configuration form when SIM is not inserted | |||
** Changed SMS '%wi' parameter value to return IP address of any currently used WAN interface (not only wired) | |||
** Added external modem SMS limit Overview card and widget | |||
** Made in-use APNs visible next to mobile interface configurations (before clicking the 'Edit' button) | |||
** Added duplicate value check for list configuration options | |||
** Changed mobile card instance design | |||
** Fixed 'Mobile Data usage reset' SMS rule | |||
** Fixed the default state parameter of SMS list POST/GET command | |||
** Added Hotspot configuration profiles | |||
** Added local Hotspot user password hashing | |||
** Added Hotspot password encoding option | |||
** Improved Hotspot related firewall rule setting | |||
** Improved WiFi Scanner enable switch to toggle 2 and 5 GHz instances separately | |||
** Removed CHAP authentication protocol for WiFi Hotspots due to incompatibility with hashed passwords | |||
** Added ubus support to Hotspot | |||
** Changed default port name of WiFi devices for 'Topology state' Events Reporting rule | |||
** Added I/O SNMP trap | |||
** Added ISO 8601 time format to I/O Juggler's '%ts' parameter | |||
** Added device name parameter '%pc' to I/O Juggler | |||
** Added PPPoE VLAN priority support | |||
** Made VRRP ping section dependent on main instance | |||
** Added 'WAN to LAN' switch | |||
* <b>Fixes</b> | |||
** Fixed CVE-2021-20322, CVE-2021-4197, CVE-2022-1011, CVE-2022-0847 kernel vulnerabilities | |||
** Fixed CVE-2022-28391 busybox vulnerability | |||
** Fixed CVE-2018-16789 shellinabox vulnerability | |||
** Fixed CVE-2021-44543, CVE-2021-44542 privoxy vulnerabilities | |||
** Fixed CVE-2021-43618 GNU Multiple Precision Arithmetic Library vulnerability | |||
** Fixed zlib backport security issue | |||
** Fixed Wireguard firewall zone assignment | |||
** Fixed queued packages disappearing from list after FW upgrade with keep settings | |||
** Fixed error message display for multiple input validation rules | |||
** Fixed incorrect DHCP validation range for start and limit fields | |||
** Removed 'Bring up on boot' option from network interface configuration pages | |||
** Fixed coma-separated DHCP options disappearing after save | |||
** Fixed exclude and listen interfaces | |||
** Fixed 'Use broadcast flag' option saving | |||
** Fixed firewall zone assignment when creating new interfaces | |||
** Fixed OpenVPN 'Netmask' and 'IP address' field validations | |||
** Fixed OpenVPN TAP configuration saving issue | |||
** Fixed OpenVPN switching to TUN mode when uploading a configuration from file | |||
** Fixed dynamic BGP route state display | |||
** Fixed BGP peer enable in edit page | |||
** Fixed issue when no L2TP client instance could be bound to IPsec | |||
** Fixed firewall rule and zone behavior related to config section creation | |||
** Added default value for L2TPv3 netmask, which is now written to config after save | |||
** Fixed passthrough option saving to IPsec file | |||
** Fixed DMVPN issue where instance configuration could not be saved | |||
** Fixed Wireguard peer could not be saved issue | |||
** Fixed NTP client time synchronization after factory reset | |||
** Fixed device time display with selected time zone | |||
** Fixed MODBUS TCP indexation missing bracket issue | |||
** Fixed initial MODBUS TCP request count validation | |||
** Fixed PIN 3/4 direction switching over MODBUS TCP | |||
** Fixed MODBUS data to MQTT socket closing issue when connection fails | |||
** Fixed MODBUS alarm configuration deletion | |||
** Fixed DNP3 master not working after FW upgrade with 'keep settings' | |||
** Fixed DNP outstation not returning error messages | |||
** Added missing SNMP objects: mobile IP, data sent/received today | |||
** Fixed MQTT Publisher 'Remote address' field validation | |||
** Fixed long interface name support for Azure IoT Hub | |||
** Increased maximum Azure IoT Hub 'Connection String' length to 4096 characters | |||
** Fixed missing sent/received data issue | |||
** Fixed URL input field length validation | |||
** Fixed admin login issue after upload of backup from a device with older firmware versions | |||
** Fixed MAC address formatting in Events reporting messages | |||
** Fixed Events reporting DHCP lease message spam, when no new lease is added | |||
** Fixed logging crashing after downloading Troubleshoot file | |||
** Made Wake on LAN visible only on devices with Ethernet ports | |||
** Fixed Traffic log file transfer to FTP server | |||
** Fixed Web Filter service reloading after a host list file is uploaded | |||
** Fixed access denied messages when sending JSON-RPC requests from root user | |||
** Fixed error message display about duplicated intervals in Profile scheduler | |||
** Fixed FW upgrade with 'keep settings' migration issue for Access Control's 'Fail count' and 'Device port' fields | |||
** Corrected OSPF Routing card values, value positions and names | |||
** Fixed global secret instances not being removed when there are no IPsec instances | |||
** Fixed uploaded file remove icon not staying in position on hover | |||
** Fixed Overview card collapse issue that made it unresponsive after too many clicks | |||
** Removed WAN6 interface from the Overview page | |||
** Fixed mobile IPv6 display in Events Reporting status messages | |||
** Fixed Bridge mode when DNS2 is not available | |||
** Fixed PAP/CHAP username and password fields not saving in interface edit window | |||
** Fixed sending email without secure connection for providers that support such an option | |||
** Fixed 'N/A' parameter showing up in SMS Utilities monitoring status message | |||
** Fixed Call Utilities Events Log message for reboot rule | |||
** Fixed SMS command validation for no-authorization option | |||
** Fixed MODBUS SMS alarms 'Enable' option saving | |||
** Fixed running RMS with no SIM card inserted issue | |||
** Fixed firmware available on server version checking issue | |||
** Fixed CVE-2020-15078 openvpn vulnerability | |||
** Fixed storage calculation for packages | |||
** Fixed firmware deletion after leaving the page | |||
** Fixed setup wizard redirect after LAN IP change | |||
** Fixed various validation bugs, typos, option hints & alignments | |||
** Fixed multiple IPv6 configuration field validations | |||
** Fixed VoLTE management | |||
** Fixed incorrect parsing of temperature, revision and IP address values | |||
** Fixed handling of SIM card removal | |||
** Fixed unnecessary SIM switch issue when Multi-APN is configured | |||
** Fixed MODBUS TCP slave modem not starting after switching SIM cards | |||
** Added multiwan support for Wireguard default route | |||
** Fixed wireless signal strength display when no clients are connected | |||
** Fixed loss of connectivity for clients when router is in STA+AP mode | |||
** Added validation that prevents automatic connection to first unencrypted WiFi AP when using MULTI AP | |||
** Fixed Wifi Scanner data not being stored in certain scenarios | |||
** Fixed WiFi scanner not turning on after FW upgrade with 'keep settings' | |||
** Fixed Hotspot user group limit not resetting on specified time | |||
** Removed an RMS error message when no Hotspot users were created | |||
** Fixed Hotspot landing page image upload issue | |||
** Fixed relay output value display in I/O Juggler condition page | |||
** Fixed I/O Juggler's WiFi rule not enabling or disabling WiFi interfaces | |||
** Fixed I/O Juggler's double delete issue on I/O Juggler action and condition instances | |||
** Fixed I/O Juggler's incorrect I/O status messages | |||
** Fixed POST/GET SMS listing by state | |||
** Fixed second VLAN ID not being locked | |||
===<b>[[Media:RUT9M_R_00.07.01.5_WEBUI.bin|RUT9M_R_00.07.01.5]]</b> | 2022.03.29=== | |||
* <b>New features</b> | |||
** Initial FW release for the RUT951 device |