Line 4: |
Line 4: |
| | series = RUT9M | | | series = RUT9M |
| <!-----------------------LATEST FW---------------------> | | <!-----------------------LATEST FW---------------------> |
− | | latest_fw = RUT9M_R_00.07.01.5 | + | | latest_fw = RUT9M_R_00.07.02.7 |
− | | latest_date = 2022.03.29 | + | | latest_date = 2022.09.12 |
− | | latest_md5 = ce7788e04fd2c73292c85a373598b7d3 | + | | latest_md5 = b2058648ec51566e6c37735d65bbe357 |
| <!-----------------------FACTORY FW--------------------> | | <!-----------------------FACTORY FW--------------------> |
− | | factory_fw = RUT9M_R_00.07.01.5 | + | | factory_fw = RUT9M_R_00.07.02.7 |
− | | factory_date = 2022.03.29 | + | | factory_date = 2022.09.12 |
− | | factory_md5 = ce7788e04fd2c73292c85a373598b7d3 | + | | factory_md5 = b2058648ec51566e6c37735d65bbe357 |
| }} | | }} |
| | | |
| ==Changelog== | | ==Changelog== |
| + | |
| + | ===<b>[[Media:RUT9M_R_00.07.02.7_WEBUI.bin|RUT9M_R_00.07.02.7]]</b> | 2022.09.12=== |
| + | |
| + | * <b>Improvements:</b> |
| + | ** Improved manual-auto connection mode |
| + | |
| + | * <b>Fixes</b> |
| + | ** Fixed AT command for SMS storage usage |
| + | ** Fixed CVE-2022-1012 memory leak vulnerability |
| + | ** Fixed CVE-2022-37434 kernel vulnerability |
| + | ** Fixed interface option reset after VLAN ID change |
| + | ** Removed memory leak on port events |
| + | ** Fixed WiFi Scanner out of range crash when iterating collected data |
| + | |
| + | ===<b>[[Media:RUT9M_R_00.07.02.6_WEBUI.bin|RUT9M_R_00.07.02.6]]</b> | 2022.08.24=== |
| + | * <b>Improvements:</b> |
| + | ** Added 'home.vodafone.de' APN |
| + | ** Improved stability of device information storage |
| + | |
| + | * <b>Fixes:</b> |
| + | ** Added SMSC type omitting when empty SMSC number parsed in SMS PDU mode |
| + | ** Fixed Serial-symlink dmesg messages |
| + | ** Fixed VoLTE management |
| + | ** Fixed OpenVPN tls-auth and tls-crypt option names |
| + | |
| + | |
| + | ===<b>[[Media:RUT9M_R_00.07.02.5_WEBUI.bin|RUT9M_R_00.07.02.5]]</b> | 2022.08.12=== |
| + | |
| + | * Improvements: |
| + | ** Updated curl to version 7.83.1 |
| + | ** Updated firmware validation error messages |
| + | ** Added multiple source IP address support to the Port Forwards page |
| + | ** Increased custom APN Username & Password field maximum length to 64 symbols |
| + | ** Added auto switch to modem's SMS storage when SIM card storage doesn't exist |
| + | ** Improved mobile connection status handling |
| + | ** Added CSP headers Hotspot WebUI landing page |
| + | |
| + | * Fixes: |
| + | ** Fixed CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208 curl vulnerabilities |
| + | ** Fixed CVE-2022-30065 busybox vulnerability |
| + | ** Fixed file upload path traversal |
| + | ** Removed Data to Server limit to proccess less than 10 instances |
| + | ** Fixed Data to Server 'out of memory' crashes when database is full or has a large amount of data |
| + | ** Fixed OpenVPN dev setting logic |
| + | ** Fixed OpenVPN updating from legacy issue that caused IPv6 not to work |
| + | ** Fixed MAC and leasetime setting for Bridge & Passthrough modes |
| + | ** Fixed modal tabs navigation when editing wireless interface with non-english languages |
| + | ** Fixed LAC/TAC parsing in 4G mode |
| + | |
| + | ===<b>[[Media:RUT9M_R_00.07.02.4_WEBUI.bin|RUT9M_R_00.07.02.4]]</b> | 2022.07.20=== |
| + | |
| + | * Improvements: |
| + | ** Added default password change warning message before firmware downgrade |
| + | ** Extended time period for device to make connection to operator |
| + | ** Reduced the number of modem reboots when changing mobile settings |
| + | ** Reduced excessive log output when no SIM card is inserted |
| + | ** Added modem restart prevention on modem init |
| + | ** Added disable RPLMN option in the SIM section of the SIM card config |
| + | |
| + | * Fixes: |
| + | ** Fixed CVE-2022-2068 vulnerability |
| + | ** Disabled autoconnect on stop-network call |
| + | ** Fixed Hotspot login via landing page issue |
| + | ** Fixed FOTA communication issues |
| + | |
| + | ===<b>[[Media:RUT9M_R_00.07.02.3_WEBUI.bin|RUT9M_R_00.07.02.3]]</b> | 2022.06.27=== |
| + | |
| + | * New Features: |
| + | ** Port Mirroring |
| + | |
| + | * Improvements: |
| + | ** Added ping to DNS IPv6 support |
| + | ** Added modem reset to default state after device FW upgrade |
| + | ** Modem init now checks NVRAM sensitive commands before setting |
| + | ** GSM output was made consistent |
| + | ** Updated FSTools package to version 2022-05-03 |
| + | ** Added security headers to web requests |
| + | ** Added default VoLTE value |
| + | ** Specified IP address family on operator control's ping to DNS feature |
| + | |
| + | * Fixes: |
| + | ** Fixed CVE-2019-12900 libbz2 vulnerability |
| + | ** Fixed behavior of some gsmctl commands |
| + | ** Fixed CVE-2022-23303 hostapd vulnerability |
| + | ** Fixed CVE-2022-29581 Linux kernel vulnerability |
| + | ** Fixed CVE-2022-29458 ncurses vulnerability |
| + | ** Fixed CVE-2022-1292 c_rehash script command injection vulnerability |
| + | ** Fixed band locking issue |
| + | ** Fixed race condition for wireless configuration initialization |
| + | ** Fixed operator control issue |
| + | ** Fixed VoLTE management issue |
| + | ** Fixed SIM card checking on modem init |
| + | |
| + | ===<b>[[Media:RUT9M_R_00.07.02.1_WEBUI.bin|RUT9M_R_00.07.02.1]]</b> | 2022.06.06=== |
| + | |
| + | * Improvements: |
| + | ** Improved GSM related messages in Troubleshoot logs |
| + | |
| + | * Fixes: |
| + | ** Fixed IGMP Proxy menu item not appearing after package installation |
| + | ** Fixed default mobile network configuration generation |
| + | ** Fixed MODBUS write requests and Mobile Utils option setting |
| + | |
| + | ===<b>[[Media:RUT9M_R_00.07.02_WEBUI.bin|RUT9M_R_00.07.02]]</b> | 2022.05.10=== |
| + | |
| + | * <b>New features</b> |
| + | ** Overview side widget |
| + | ** IGMP Proxy |
| + | ** Privileged Access Management (PAM) |
| + | ** AWS Greengrass support |
| + | ** HTTPS certificate and key upload feature |
| + | ** SSH public keys edit box |
| + | ** License page |
| + | ** MODBUS |
| + | ** DNP3 data for Data to Server |
| + | |
| + | * <b>Improvements</b> |
| + | ** Updated busybox to version: 1.34.1 |
| + | ** Updated curl to version 7.79.1 |
| + | ** Added iptables filter package for string filtering |
| + | ** Added CHAP authentication for L2TP VPN |
| + | ** Added IPv6 support for L2TPv3 VPN |
| + | ** Added EAP-MSCHAPV2 authentication method for IPsec VPN |
| + | ** Added IPv6 support to Auto Reboot |
| + | ** Added 'Save to flash' and 'Test configuration' button to DNP3 configuration page |
| + | ** Updated SNMP version 5.9.1 |
| + | ** Added OpenSSL authentication options to SNMPv3 |
| + | ** Added support for OSPF redistribution options and OSPF neighbors |
| + | ** Added password field to BGP Peers page |
| + | ** Extended BGP "AS" field validation to accept integers up to 4294967295 |
| + | ** Added "DHE+RSA" to OpenVPN cipher selections |
| + | ** Increased OpenVPN max password length from 128 bytes to 512 bytes |
| + | ** Made HMAC key direction initial value dependent on the role of the instance (client or server) |
| + | ** Made HMAC key and HMAC authentication key upload fields required |
| + | ** Added DES to IPsec encryption algorithms selections |
| + | ** Added special character support for CHAP secrets |
| + | ** Added validation requirements for PPTP user list username field |
| + | ** Added option to manually enter Public key in Wireguard configuration |
| + | ** Made generating Wireguard keys possible only while in auto mode |
| + | ** Added Events Log database to troubleshoot archive |
| + | ** Added RFC1918 filter field |
| + | ** Added the possibility to unblock multiple blocked devices at once |
| + | ** Added 'Port' column to blocked login attempts table |
| + | ** Added Speedtest server refresh |
| + | ** Updated Speedtest server list |
| + | ** Added asterisk option to Site Blocking |
| + | ** Added MD5 and SHA256 checksums to package validation page |
| + | ** Changed certificate requirements to only require client key file if client certificate is used |
| + | ** Added pagination and data retention between table pages |
| + | ** Added pagination functionality to tables when there are more than 10 records |
| + | ** Improved table sorting by saving user provided sort settings in the browser |
| + | ** Improved drag and drop functionality |
| + | ** Added the possibility to drag and drop files onto upload components |
| + | ** Moved 'Root CA' from the 'Access Control' page to the 'Certificates' page |
| + | ** Added 'Strict-Transport-Security' response header for HTTPS |
| + | ** Added 'breadcrumbs' to modal windows |
| + | ** Improved initial WebUI loading after login |
| + | ** Added mobile bytes sent and bytes received SNMP OIDs |
| + | ** Added mobile LED turn off feature ('System -> Administration' page) |
| + | ** Added 'iot.1nce.net', 'internet', 'VZWINTERNET' and Truphone APNs to APN database |
| + | ** Updated mobile usage data point calculation logic |
| + | ** Added the possibility to manually enter operator number |
| + | ** Improved obtain mobile cell ID process |
| + | ** Added modem restart if SIM card is removed during APN database fetching process |
| + | ** Added unauthorized call logging |
| + | ** Added space character support in SMS commands |
| + | ** Disabled SMS modem storage configuration form when SIM is not inserted |
| + | ** Changed SMS '%wi' parameter value to return IP address of any currently used WAN interface (not only wired) |
| + | ** Added external modem SMS limit Overview card and widget |
| + | ** Made in-use APNs visible next to mobile interface configurations (before clicking the 'Edit' button) |
| + | ** Added duplicate value check for list configuration options |
| + | ** Changed mobile card instance design |
| + | ** Fixed 'Mobile Data usage reset' SMS rule |
| + | ** Fixed the default state parameter of SMS list POST/GET command |
| + | ** Added Hotspot configuration profiles |
| + | ** Added local Hotspot user password hashing |
| + | ** Added Hotspot password encoding option |
| + | ** Improved Hotspot related firewall rule setting |
| + | ** Improved WiFi Scanner enable switch to toggle 2 and 5 GHz instances separately |
| + | ** Removed CHAP authentication protocol for WiFi Hotspots due to incompatibility with hashed passwords |
| + | ** Added ubus support to Hotspot |
| + | ** Changed default port name of WiFi devices for 'Topology state' Events Reporting rule |
| + | ** Added I/O SNMP trap |
| + | ** Added ISO 8601 time format to I/O Juggler's '%ts' parameter |
| + | ** Added device name parameter '%pc' to I/O Juggler |
| + | ** Added PPPoE VLAN priority support |
| + | ** Made VRRP ping section dependent on main instance |
| + | ** Added 'WAN to LAN' switch |
| + | |
| + | * <b>Fixes</b> |
| + | ** Fixed CVE-2021-20322, CVE-2021-4197, CVE-2022-1011, CVE-2022-0847 kernel vulnerabilities |
| + | ** Fixed CVE-2022-28391 busybox vulnerability |
| + | ** Fixed CVE-2018-16789 shellinabox vulnerability |
| + | ** Fixed CVE-2021-44543, CVE-2021-44542 privoxy vulnerabilities |
| + | ** Fixed CVE-2021-43618 GNU Multiple Precision Arithmetic Library vulnerability |
| + | ** Fixed zlib backport security issue |
| + | ** Fixed Wireguard firewall zone assignment |
| + | ** Fixed queued packages disappearing from list after FW upgrade with keep settings |
| + | ** Fixed error message display for multiple input validation rules |
| + | ** Fixed incorrect DHCP validation range for start and limit fields |
| + | ** Removed 'Bring up on boot' option from network interface configuration pages |
| + | ** Fixed coma-separated DHCP options disappearing after save |
| + | ** Fixed exclude and listen interfaces |
| + | ** Fixed 'Use broadcast flag' option saving |
| + | ** Fixed firewall zone assignment when creating new interfaces |
| + | ** Fixed OpenVPN 'Netmask' and 'IP address' field validations |
| + | ** Fixed OpenVPN TAP configuration saving issue |
| + | ** Fixed OpenVPN switching to TUN mode when uploading a configuration from file |
| + | ** Fixed dynamic BGP route state display |
| + | ** Fixed BGP peer enable in edit page |
| + | ** Fixed issue when no L2TP client instance could be bound to IPsec |
| + | ** Fixed firewall rule and zone behavior related to config section creation |
| + | ** Added default value for L2TPv3 netmask, which is now written to config after save |
| + | ** Fixed passthrough option saving to IPsec file |
| + | ** Fixed DMVPN issue where instance configuration could not be saved |
| + | ** Fixed Wireguard peer could not be saved issue |
| + | ** Fixed NTP client time synchronization after factory reset |
| + | ** Fixed device time display with selected time zone |
| + | ** Fixed MODBUS TCP indexation missing bracket issue |
| + | ** Fixed initial MODBUS TCP request count validation |
| + | ** Fixed PIN 3/4 direction switching over MODBUS TCP |
| + | ** Fixed MODBUS data to MQTT socket closing issue when connection fails |
| + | ** Fixed MODBUS alarm configuration deletion |
| + | ** Fixed DNP3 master not working after FW upgrade with 'keep settings' |
| + | ** Fixed DNP outstation not returning error messages |
| + | ** Added missing SNMP objects: mobile IP, data sent/received today |
| + | ** Fixed MQTT Publisher 'Remote address' field validation |
| + | ** Fixed long interface name support for Azure IoT Hub |
| + | ** Increased maximum Azure IoT Hub 'Connection String' length to 4096 characters |
| + | ** Fixed missing sent/received data issue |
| + | ** Fixed URL input field length validation |
| + | ** Fixed admin login issue after upload of backup from a device with older firmware versions |
| + | ** Fixed MAC address formatting in Events reporting messages |
| + | ** Fixed Events reporting DHCP lease message spam, when no new lease is added |
| + | ** Fixed logging crashing after downloading Troubleshoot file |
| + | ** Made Wake on LAN visible only on devices with Ethernet ports |
| + | ** Fixed Traffic log file transfer to FTP server |
| + | ** Fixed Web Filter service reloading after a host list file is uploaded |
| + | ** Fixed access denied messages when sending JSON-RPC requests from root user |
| + | ** Fixed error message display about duplicated intervals in Profile scheduler |
| + | ** Fixed FW upgrade with 'keep settings' migration issue for Access Control's 'Fail count' and 'Device port' fields |
| + | ** Corrected OSPF Routing card values, value positions and names |
| + | ** Fixed global secret instances not being removed when there are no IPsec instances |
| + | ** Fixed uploaded file remove icon not staying in position on hover |
| + | ** Fixed Overview card collapse issue that made it unresponsive after too many clicks |
| + | ** Removed WAN6 interface from the Overview page |
| + | ** Fixed mobile IPv6 display in Events Reporting status messages |
| + | ** Fixed Bridge mode when DNS2 is not available |
| + | ** Fixed PAP/CHAP username and password fields not saving in interface edit window |
| + | ** Fixed sending email without secure connection for providers that support such an option |
| + | ** Fixed 'N/A' parameter showing up in SMS Utilities monitoring status message |
| + | ** Fixed Call Utilities Events Log message for reboot rule |
| + | ** Fixed SMS command validation for no-authorization option |
| + | ** Fixed MODBUS SMS alarms 'Enable' option saving |
| + | ** Fixed running RMS with no SIM card inserted issue |
| + | ** Fixed firmware available on server version checking issue |
| + | ** Fixed CVE-2020-15078 openvpn vulnerability |
| + | ** Fixed storage calculation for packages |
| + | ** Fixed firmware deletion after leaving the page |
| + | ** Fixed setup wizard redirect after LAN IP change |
| + | ** Fixed various validation bugs, typos, option hints & alignments |
| + | ** Fixed multiple IPv6 configuration field validations |
| + | ** Fixed VoLTE management |
| + | ** Fixed incorrect parsing of temperature, revision and IP address values |
| + | ** Fixed handling of SIM card removal |
| + | ** Fixed unnecessary SIM switch issue when Multi-APN is configured |
| + | ** Fixed MODBUS TCP slave modem not starting after switching SIM cards |
| + | ** Added multiwan support for Wireguard default route |
| + | ** Fixed wireless signal strength display when no clients are connected |
| + | ** Fixed loss of connectivity for clients when router is in STA+AP mode |
| + | ** Added validation that prevents automatic connection to first unencrypted WiFi AP when using MULTI AP |
| + | ** Fixed Wifi Scanner data not being stored in certain scenarios |
| + | ** Fixed WiFi scanner not turning on after FW upgrade with 'keep settings' |
| + | ** Fixed Hotspot user group limit not resetting on specified time |
| + | ** Removed an RMS error message when no Hotspot users were created |
| + | ** Fixed Hotspot landing page image upload issue |
| + | ** Fixed relay output value display in I/O Juggler condition page |
| + | ** Fixed I/O Juggler's WiFi rule not enabling or disabling WiFi interfaces |
| + | ** Fixed I/O Juggler's double delete issue on I/O Juggler action and condition instances |
| + | ** Fixed I/O Juggler's incorrect I/O status messages |
| + | ** Fixed POST/GET SMS listing by state |
| + | ** Fixed second VLAN ID not being locked |
| | | |
| ===<b>[[Media:RUT9M_R_00.07.01.5_WEBUI.bin|RUT9M_R_00.07.01.5]]</b> | 2022.03.29=== | | ===<b>[[Media:RUT9M_R_00.07.01.5_WEBUI.bin|RUT9M_R_00.07.01.5]]</b> | 2022.03.29=== |