DAP140 Firmware Downloads

---

This page contains firmware files for DAP140 devices. Look to the table below or the changelog to find download links.

To upgrade firmware using WebUI, follow the instructions in DAP140 Firmware.

Note: packages for Package Manager are independent from firmware and can be downloaded in the Package Downloads page.

FW checksums

---

Checksums for firmware files can be found here.

Changelog

DAP14X_R_00.07.15 | 2025.06.06

• New
  • System
    • WebUI: added default HTTP redirect to HTTPS
• Improvements
  • Network
    • DHCP server: included static leases to "Leased IPs" status that are outside of DHCP pool range but are inside interface subnet range
    • Dynamic routes: improved mobile interface handling
    • Dynamic routes: added support for selecting VPN interfaces
    • Firewall: disabled Allow-ICMPv6-Forward rule
    • IGMP Proxy: added VPN interface support
    • Multi WAN: updated configuration interface
    • Multi WAN: added manual member configuration
    • Multi WAN: added expanded Multi WAN interface statuses
    • Network: updated network interface statuses to be more detailed and easier to understand
    • Network: improved 802.1p priority configuration fields
    • Wireless: updated wireless client status with new "Obtaining IP" state
    • Wireless: simplified radio transmit power selection
    • Wireless: added status for current radio transmit power
  • Services
    • AWS IoT Core: updated "AWS provisioning" configuration parameter list
    • BACnet: added support for devices with USB adapters and devices with no rs485 interface
    • Data to Server: added FTP, SMTP, Socket, and Lua script support for data transmission
    • Data to Server: updated "Collection configuration" edit, "Input configuration" edit, "Format string" and "Tag expansion" parameter lists
    • Data to Server: added support for ISO 8601 date format
    • DLMS: added API endpoints to get the current value of a configured group or group value
    • DNP3 Client: added API endpoints to get the current value of a configured request
    • Dynamic DNS: added DNS server field
    • Dynamic DNS: reduced service restarts when mobile is used
    • Event juggler: implemented a retry mechanism for actions in case of failure
    • Event juggler: updated "Send email", "Send SMS", "MQTT", "Script" and "HTTP" action "Text message" parameter list
    • Event juggler: added delete icon on "Remove action" button
    • Event juggler: removed "Startup" event type from event configuration due to duplication
    • Events Reporting: updated "Message text on event" parameter list
    • Modbus Client: updated "Modbus TCP Client" and "Modbus Serial Client" configuration "MQTT message" and "Email" action "JSON format" parameter list
    • OPC UA Client: added API endpoints to get the current value of a configured group, group value or server node
    • Mosquitto: updated version to 2.0.21
    • ovpn-dco: updated version to 0.2.20241216
  • System
    • Access Control: added ability to specify WAN port
    • Access Control: improved HTTPS certificate validation
    • API Core: added preflight OPTIONS method support
    • Certificates: changed certificate signing to use RSA-PSS padding scheme
    • Speed Test: added functionality to find any country servers by using search
    • TCP dump: added suggestions for host and port filters
    • Troubleshoot: separated troubleshooting into individual configuration tabs
    • Troubleshoot: improved logging size configuration and log size limits
    • WebUI: reduced size of the navigation menu and some form elements
    • WebUI: updated table selected rows actions design
    • WebUI: added HTTPS certificate expiration warning and renew functionality
    • WebUI: unified styles of first login and renew expired password modals
    • WebUI: updated Japanese translations
    • Kernel: updated version to 5.15
• Fix
  • Network
    • 802.1X Client: fixed warning message of different port configurations sometimes appearing when closing modal
    • 802.1X Client: fixed 802.1X (client) page access not being controlled by the "Network > Ports" entry
    • DHCP server: fixed DHCPv4 server shutdown when multiple LANs use the same interface and one of them disables DHCPv4
    • Firewall: fixed duplicate VPN zone creation
    • Firewall: fixed HTTP and HTTPS ports migration for DMZ port forwards rules
    • Firewall: removed redundant "Internal zone" field from port forward configuration
    • Multi WAN: fixed missing parameters for the "DHCP" interface
    • Network: fixed incorrect network type shown for LAN with only WiFi interface
    • Static Routes: fixed GRE tunnel name display when its name has special symbols
    • Topology: fixed issue of duplicated WAN interface being displayed under certain configurations
    • VLAN: fixed WebUI port names not matching names written on the casing
    • Wireless: fixed trailing whitespace being ignored in SSID or password
    • Wireless: fixed enterprise client configuration not showing all certificates and keys generated with SCEP
    • Wireless: fixed enterprise client configuration requiring password for unencrypted certificate key
  • Services
    • DLMS: fixed COSEM attribute filtering
    • DLNA: fixed option list of "Interfaces"
    • DMVPN: fixed displaying NAT rules
    • Dynamic DNS: fixed IPv6 support in bind-nsupdate
    • Dynamic DNS: fixed logs showing IPv6 expansion errors when no IP is found
    • Event juggler: fixed duplicated names validation
    • Event juggler: fixed HTTP action when secure connection is chosen
    • Event juggler: fixed condition deletion not working in some edge cases
    • Hotspot: fixed SSL certificates permissions
    • IPsec: fixed connection issues with %any as identifier
    • L2TP: fixed authentication credentials validation
    • Modbus Client: fixed label for 'no_bracket' option in requests
    • MQTT Broker: fixed incorrect "Local port" hint
    • RMS: fixed 'Next connection after' timer display
    • RMS: fixed transition from 'Standby' to 'Enabled' mode
    • Stunnel: fixed issue of global settings sometimes not being displayed
    • Stunnel: made "Certificate File" and "Private Key" fields required when server mode is configured
    • Wireguard: fixed peer allowed IPs select dropdown to show IPv6 options and added the ability to include custom values
    • Wireguard: fixed MTU issues when default route is used
    • Wireguard: fixed tunnel not re-establishing when failover is used
  • System
    • Access Control: fixed HTTPS certificates validation to not allow RSA key length less than 1024 bits and ECC key length less than 160 bits
    • API Core: fixed session validation issues
    • Certificates: fixed SCEP certificate enrollment compatibility issues with certain servers
    • Certificates: fixed SCEP certificate generation
    • System Status: removed bootloader version information if it does not exist
    • WebUI: fixed inconsistent spacing between page elements
    • WebUI: fixed warnings still being displayed after removing uploaded certificates
    • WebUI: fixed issues with SDK API path recognition

---

DAP14X_R_00.07.14.3 | 2025.05.26

• Fix
  • Services
    • L2TP: fixed a connection problem when using an L2TP over IPsec configuration
  • System
    • Custom Scripts: fixed execution of custom scripts after upgrade

---

DAP14X_R_00.07.14.2 | 2025.05.09

Note: If a system upgrade with keep settings is performed from R_00.07.14 or R_00.07.14.1 to this version, follow the instructions described under those firmware versions below to resolve Data Limit and traffic monitoring issues.

---

• Fix
  • Network
    • Firewall: fixed HTTP and HTTPS ports migration for DMZ port forwards rules
    • Network: fixed data limit database save when upgrading with keep settings

---

DAP14X_R_00.07.14.1 | 2025.05.06

Note: This firmware version has been withdrawn due to a critical issue affecting the Data Limit, traffic monitoring functionalities.

Note: If a system upgrade with keep settings was already performed from R_00.07.14 to this version, previous Data Limit tracking and traffic monitoring information cannot be restored. However, to keep current traffic monitoring history after next update, the command found in the Note below must be executed in CLI.

Note: If a system upgrade with keep settings is performed from this firmware version to newer and R_00.07.14 was never used, following command must be executed in CLI before upgrade to resolve Data Limit and traffic monitoring issues.

mkdir -p /usr/local/lib/upgrade/keep.d && echo /usr/local/usr/lib/mdcollectd/mdcollectd.db_new.gz > /usr/local/lib/upgrade/keep.d/mdcollect

---

• Fix
  • System
    • RutOS: fixed curl compilation in SDK
• CVE Patches
  • CVE-2025-2704

---

DAP14X_R_00.07.14 | 2025.04.24

Note: This firmware version has been withdrawn due to a critical issue affecting the Data Limit, traffic monitoring functionalities.

Note: If a system upgrade with keep settings is performed from this firmware version to newer, following command must be executed in CLI before upgrade to resolve Data Limit and traffic monitoring issues.

mkdir -p /usr/local/lib/upgrade/keep.d && echo /usr/local/usr/lib/mdcollectd/mdcollectd.db_new.gz > /usr/local/lib/upgrade/keep.d/mdcollect

---

• New
  • Services
    • AWS IoT Core: added Device Provisioning
    • L2TP: added L2TP over IPv6 support
    • MQTT Broker Bridge: added v5.0 bridge protocol support
  • System
    • RutOS: enabled a read-only root filesystem to ensure system integrity and security
    • WebUI: added Ukrainian language support
• Improvements
  • Network
    • DHCP: added title for action column in custom DHCP option table
    • DHCP: added a warning message when multiple interfaces share the same device and have DHCPv4 enabled
    • DNS: updated the "Custom Redirect" option to support domain wildcard (*) pattern matching
    • DNS: made the "DNS Server" field optional for the "Custom Redirect" option
    • Firewall: improved "intra" zone column names for clarity
    • Ports Settings: reordered network > ports sub-menu and made port settings page first
    • SSHFS: updated mount point location
    • SSHFS: added connection and mount point status
    • Topology: improved network scanning
    • Topology: added port number to topology scan results
    • Topology: added IPv6 support
    • VRF: added section name generation and changing ability
    • Wireless: added warning to a radio channel option when client is configured on same radio indicating that this option can be ignored
    • Wireless: added WiFi standard used by the connected client
    • Curl: updated version to 8.12.0
    • wireless-regdb: updated version to 2024.10.07
  • Services
    • Data to Server: changed new instance to be turned off by default
    • Dynamic DNS: made WebUI show IP updates earlier than the configured DDNS service check interval
    • EoIP: added improvements to avoid packet loops
    • Events juggler: removed Reboot after Input/Output option
    • Events juggler: changed new instance to be turned off by default
    • Events juggler: removed Custom HTTP headers space validation
    • IPsec: enabled dead peer detection by default
    • PPTP: added options for 'MPPE' configuration to WebUI
    • PPTP: added 'Custom options' field to configure custom pppd options
  • System
    • Events Log: added events log file export
    • Profiles: improved table data UI
    • Recipients: changed email maximum password length to 128 characters
    • Setup Wizard: removed host, port options and proxy settings section from RMS setup wizard
    • WebUI: removed default password icons on "Internet Explorer" and "Microsoft Edge" browsers
    • Kernel: updated version to 5.15.178
    • Time Zone Database: updated version to 2025a
• Fix
  • Network
    • Dynamic routes: fixed OSPF issues of not displaying instances of 'area' and 'networks' sections
    • Firewall: fixed certain "Attack prevention" limits making device unreachable
    • Firewall: fixed attack prevention page with missing traffic rules
    • Multi WAN: fixed incorrect WAN state being displayed when using failover
    • Ports Settings: fixed port status speed badge for Ethernet(10mbps)
    • Ports Settings: fixed port disable not working in port settings
    • VXLAN: fixed package installation not starting service properly
    • Wireless: fixed hover hint always being shown on delete button
  • Services
    • Data to Server: disallowed enabling Azure plugin without required options
    • Data to Server: fixed editing Azure plugin configuration when "Device Provisioning Service" option is selected
    • DNP3 Client: fixed an issue where application would terminate on startup
    • Email Relay: fixed service crash when server tls certificate is used
    • Events juggler: fixed broken port link speed reporting
    • Events juggler: fixed condition bug on some plugins
    • Events juggler: fixed LUA condition script support to correctly handle return values
    • RMS: fixed serial code copy button not being displayed
    • SSTP: fixed the issue of the instance starting after upgrading the firmware
    • Wireguard: fixed connection issues when peer is on the same network
  • System
    • API Core: fixed file upload issue which sometimes made WebUI unresponsive
    • NTP: fixed time servers limit validation
    • Package Manager: fixed displaying multiple same functionality buttons when package update fails
    • Password Policy: fixed special characters validation
    • Profiles: fixed loading screen reappearing after profile change fails
    • Recipients: fixed email address validation
    • WebUI: fixed enabled button being removed in some cards on medium sized screens
• CVE Patches
  • CVE-2022-42721
  • CVE-2023-7104
  • CVE-2023-31489
  • CVE-2024-9143
  • CVE-2024-13176
  • CVE-2025-0167
  • CVE-2025-0665
  • CVE-2025-0725

---

DAP14X_R_00.07.13.4 | 2025.04.04

• Improvements
  • System
    • RutOS: updated libubox
• Fix
  • System
    • RutOS: fixed occasional ubus page fault after package install
    • RutOS: fixed user group duplicate entries after applying backup

---

DAP14X_R_00.07.13.3 | 2025.03.21

• Fix
  • Network
    • Multi WAN: fixed internet not being reachable from device when main WAN is down
  • Services
    • RMS: fixed connection retry interval count

---

DAP14X_R_00.07.13.2 | 2025.03.18

• Fix
  • Network
    • 802.1X Client: fixed 802.1x client not working when upgrading from an older firmware
    • Multi WAN: fixed occasional IPsec startup issue after reboot with Multi WAN enabled

---

DAP14X_R_00.07.13.1 | 2025.03.06

• Fix
  • System
    • Auto Reboot: fixed an issue causing the device to reboot immediately

---

DAP14X_R_00.07.13 | 2025.03.03

• New
  • Network
    • BFD: added service
    • Realtime Traffic: added historical data support for wireless devices
  • Services
    • EoIP: added service
    • Events juggler: added service
  • System
    • Update Firmware: added link to FW & SDK download page
• Improvements
  • Network
    • Dynamic routes: added validation for NHRP to prevent using same interface on multiple instances
    • Firewall: added possibility to manually specify conntrack helper for a port forward rule
    • Firewall: moved IPtables NAT extra to package manager
    • Static Routes: improved descriptions for routing rules
    • Topology: moved to package manager
    • VRF: moved page from Network sub-menu to Network > Routing
    • Wireless: added rotating log files for wireless services
    • iperf3: updated version to 3.17.1
  • Services
    • Dynamic DNS: added support for using local openvpn interface ip address
    • Hotspot: added MAC address delimiter and case setting for Radius MAC authentication
    • Hotspot: improved API validations
    • IPsec: added ChaCha20-Poly1305 encryption algorithm
    • IPsec: added periodic connection check
    • Modbus Client: added store on data change mode
    • Modbus Client: added ability to choose where to save database
    • MQTT Modbus Gateway: improved constant $$NAME that can be defined in system configuration
    • OpenVPN: improved statuses for instances
    • OpenVPN: removed 'persist-tun' and 'persist-key' options from default configuration
    • OpenVPN: enabled DCO support for CHACHA20-POLY1305 cipher
    • Zerotier: added ability to upload a custom planet file
  • System
    • Access Control: improved UX when disabling HTTP and HTTPS local access settings
    • Administration: added confirmation prompt when changing profiles
    • Administration: updated hostname validation to allow numeric-only hostname
    • Package Manager: added confirmation prompt when closing uploaded package modal
    • Security: changed password policy to require at least one special character
    • System Users: changed username validation to allow dots and underscores
    • Update Firmware: added link to changelog page
    • WebUI: removed basic/advanced mode
    • WebUI: updated Teltonika logo
    • Kernel: updated version to 5.15.176
• Fix
  • Network
    • Devices: fixed error handling for deleting non-existent bridge sections
    • Firewall: fixed automatic conntrack helper not being assigned for port forward rules in some cases
    • Firewall: fixed traffic rules "start_date" and "stop_date" option validations failing due to incorrect format
    • Firewall: fixed incorrectly restricted AF23 value for traffic rule's DSCP option
    • Multi WAN: fixed pings being lost for backup wired wan interfaces
    • Network: fixed interfaces being displayed in the wrong page after updating with keep settings
    • Network: fixed a name duplication validation error that occurred between the network interface and the VRF instance
    • Network: fixed API failing to sort specific network interface configurations
    • Network: fixed interface remove button disable state being shown only after status is loaded
    • Network: fixed LAN interfaces sometimes not getting IPv6 prefix assigned on creation
    • Static Routes: fixed missing route type validation for API
    • VXLAN: made "Remote address" field required
    • Wireless: fixed new network edit not opening after network with same name deleted
    • Wireless: fixed automatic channel selection failing in Japan regulatory domain
    • Wireless: fixed the missing firewall zone assignment for the created Wi-Fi interface
    • Wireless: fixed memory leak in wireless service caused by AP configuration reloads
    • Wireless: fixed inaccurate Hotspot error when saving SSIDs page
  • Services
    • Data to Server: fixed the OPC UA, DLMS, MBUS, and impulse counter inverted filtering logic
    • Data to Server: fixed "Invert filter" option to be hidden when using "DLMS" type and "Data filtering" option is selected to "All"
    • DLMS: fixed DLMS endpoint parameter validation
    • DLMS: fixed device option data type validation for connections endpoints
    • DLMS: fixed an issue where DLMS service could not read extended register type COSEM objects and display incorrect scaler value
    • DLMS: fixed an issue where non-persistent connections did not close properly
    • DMVPN: fixed NHRP multicast NFLOG group option not setting
    • Hotspot: fixed bandwidth limits setting with "chilli_query" command
    • Hotspot: fixed preserving Hotspot users between firmware upgrades
    • IPsec: fixed status display when compatibility mode is used
    • IPsec: fixed connections not terminating if instance is disabled
    • IPsec: fixed route based ipsec mode
    • L2TP: fixed occasional device hangs when routing L2TP traffic with "Software flow offload" enabled
    • Modbus Client: fixed API error when 'function' option is not present in alarms/requests configuration POST request
    • Modbus Client: fixed reusing connection in Modbus client Modbus request alarm action
    • Modbus Client: fixed email alarm action when TLS is enabled
    • MQTT Modbus Gateway: fixed client ID validation
    • NHRP: fixed missing dependencies
    • OpenVPN: fixed issues related to warnings when using external services
    • RMS: fixed the "Connection state" status displayed as JSON when device language was set to anything other than English
    • SMPP: fixed the "TLS/SSL" option to be visible even when the configuration is not enabled
    • SNMP: fixed validation to prevent creating or editing analog_type trap instances in devices that do not support this functionality
  • System
    • Access Control: fixed "redirect_https" option reset after device reboot
    • Access Control: fixed default HTTPS CA certificate generation
    • Date & Time: fixed time synchronization with the browser when using Europe/Kyiv timezone
    • Package Manager: fixed spinner position in package table
    • Package Manager: fixed possible config migration issues for installed packages
    • Update Firmware: fixed unnecessary FOTA requests when FOTA is disabled
• CVE Patches
  • CVE-2022-49043
  • CVE-2024-5290
  • CVE-2024-9287
  • CVE-2024-11053
  • CVE-2024-34459
  • CVE-2024-53580
  • CVE-2024-56171
  • CVE-2025-24928
  • CVE-2025-27113

---

DAP14X_R_00.07.12.3 | 2025.02.14

• New
  • Services
    • Modbus Client: added an endpoint that returns status for a single Modbus request
• Fix
  • Services
    • IPsec: fixed kernel warnings when custom NAT rules are used with "IPsec Software Flow Offload" enabled
    • OpenVPN: fixed an issue with config file parsing when carriage return characters were present
    • OpenVPN: fixed parsing of the 'Protocol','Port' and 'LZO' options from the config file

---

DAP14X_R_00.07.12 | 2025.01.20

• Initial firmware release

---