Jump to content
  • EN

RUT986 Firmware Downloads

From Teltonika Networks Wiki
Main Page > RUT Routers > RUT986 > RUT986 Firmware Downloads

This page contains firmware files for RUT986 devices. Look to the table below or the changelog to find download links.

Stable firmware - this version has been tested through both internal QA processes and large-scale user deployments. All known issues have been resolved based on user reports and testing feedback. Stable firmware is currently used as the default for updates and is also deployed in mass production. To upgrade firmware using WebUI, follow the instructions in RUT986 Firmware.
Latest firmware - this is the most recent firmware release, featuring the latest updates, features, and fixes. While it has passed internal testing, it has not yet undergone widespread deployment or user validation. It may still contain undiscovered issues. We recommend testing on a small number of devices before considering broader updates.

Note: packages for Package Manager are independent from firmware and can be downloaded in the Package Downloads page.


RUT986
File Type Release date Size MD5 Links
RUTE_R_00.07.22.3_WEBUI.bin Stable FW 2026.05.19 18 MB 459b305803f3340a1f623a980f560cd6 Changelog API
RUTE_R_00.07.23.5_WEBUI.bin Latest FW 2026.06.09 18 MB 04346691a28fd46fed51f831d40cf90d Changelog API
RUTE_R_GPL_00.07.23.5.tar.gz SDK 2026.06.09 47 MB 7264d4d8a65cef6ed2f5eac064fb87a4

FW checksums

Checksums for firmware files can be found here.

Changelog

RUTE_R_00.07.23.5 | 2026.06.09

  • Fix
    • Network
      • Mobile: fixed application segmentation fault with low signal reconnect enabled
    • System
      • Backup: fixed backup generation for child endpoints

RUTE_R_00.07.23.4 | 2026.05.29

  • CVE Patches
    • CVE-2026-2291 - 7.3 (HIGH)
    • CVE-2026-4890 - 7.5 (HIGH)
    • CVE-2026-4891 - 5.3 (MEDIUM)
    • CVE-2026-4892 - 8.4 (HIGH)
    • CVE-2026-4893 - 5.3 (MEDIUM)
    • CVE-2026-5172 - 7.3 (HIGH)

RUTE_R_00.07.23.3 | 2026.05.21

  • Fix
    • Network
      • Mobile: fixed missing MBN definitions for some cellular operators
      • Network: fixed validation error when changing interface devices and enabling WAN to LAN at the same time
  • CVE Patches
    • CVE-2026-8914 - 8.5 (HIGH)

RUTE_R_00.07.23.2 | 2026.05.18

  • Fix
    • Network
      • Network: fixed interface and DHCP desynchronization after interface name change
    • Services
      • IPsec: fixed xauth not working in certain conditions
  • CVE Patches
    • CVE-2026-31431 - 7.8 (HIGH)

RUTE_R_00.07.23.1 | 2026.05.05

  • Fix
    • Network
      • QOS: fixed incorrect QoS being applied to interfaces after changing interface metric

RUTE_R_00.07.23 | 2026.04.24

  • New
    • Network
      • Mobile: added "iot.melita.io" APN for operator "Melita" into APN database
      • Mobile: added "web.melita" APN for operator "Melita" into APN database
      • Network: added DS-lite protocol support
    • Services
      • TR-069: added Device.Ethernet.Interface object based on "TR-181 Issue 2 Amendment 20", with implementation-specific deviations
      • TR-069: added Device.Hosts.Host object based on "TR-181 Issue 2 Amendment 20", with implementation-specific deviations
      • TR-069: added Device.NAT.PortMapping object based on "TR-181 Issue 2 Amendment 20", with implementation-specific deviations
    • System
      • Kernel: enabled Multipath TCP (MPTCP) support in the kernel configuration
      • SSH: added 2FA support
      • WebUI: added 2FA support
      • WebUI: added dark theme
  • Improvements
    • Network
      • Network usage: improved "Total usage" data deletion funcionality
      • Realtime Traffic: improved performance when switching between time periods
      • Static Routes: added an enable switch to allow disabling routes
      • Wireless: added the ability to kick and block clients from the Status -> Wireless -> Interfaces page
      • Wireless: added disconnect reason to hostapd log
      • cURL: updated version to 8.19.0
    • Services
      • Data to Server: added wildcard for mqtt topics
      • DMVPN: updated "Lifetime" and "IKE lifetime" fields and validations
      • Event juggler: added "Signal quality" event
      • I/O Status: added a switch component to the I/O Status table State column for state configuration
      • IPsec: added warning messages for insecure proposal options
      • Modbus Client: increased connection delay limits to 10s (10000ms)
      • Modbus TCP over Serial Gateway: added configurable inter-frame timeout for serial communication
      • SNMP: improved GSM signal strength trap with condition 'Less than', 'More than' and 'Range' triggers
      • SNMP: removed Events log signal strength trap - GSM signal strength trap should be used instead
      • SSTP: added connection status monitoring
      • TR-069: improved Device.WiFi.AccessPoint object based on "TR-181 Issue 2 Amendment 20", with implementation-specific deviations
      • TR-069: updated secure connection hint to inform that TLS works only when HTTPS is used
      • Net-SNMP: updated version to 5.9.5.2
    • System
      • API Core: replaced Lua 5.1 with LuaJIT 2.1
      • Auto Reboot: updated abbreviated month and day names to full names for improved translation support
      • System Users: improved validation to allow usernames starting with numbers
      • Kernel: updated version to 5.15.200
  • Fix
    • Network
      • Mobile: fixed a rare mobile application crash case when changing APN
      • MPLS: fixed package re-installation after updating with keep settings
      • Network: fixed protocol validation for LAN interfaces in API
      • Network: fixed interface deletion when page is not fully loaded
      • Network: fixed firewall zone select not showing VPN networks in LAN and WAN pages
      • Ports Settings: fixed being able to choose different link duplex mode when hardware doesn't allow
      • QOS: fixed connectivity issues when QoS is enabled
      • QOS: fixed an issue where settings were not correctly applied after saving
      • Realtime Traffic: fixed multiple plot rendering bugs related to daylight saving transitions
      • Wireless: fixed hostapd "no buffer space available" error with multiple SSIDs
      • Wireless: fixed SSID deletion when page is not fully loaded
    • Services
      • Data to Server: fixed button positioning on smaller screens in configuration creation modal
      • Data to Server: fixed a rare case where stale data was sent via FTP after configuration changes
      • Data to Server: fixed FTP upload when the selected directory doesn't exist - now it is created if the FTP server allows it
      • Data to Server: fixed incorrect date formatting in GPS input plugin
      • DLMS: fixed database error in the API endpoint for database entries
      • DNP3 Client: fixed database error in the API endpoint for database entries
      • Email to SMS: fixed process hang in some rare cases
      • GPS: fixed segmentation fault in NTP GPS service after configuration update
      • Hotspot: fixed an issue where a hotspot instance appeared to be assigned to the wrong theme
      • I/O Status: fixed mismatched I/O pin names in the table and legend
      • I/O Status: fixed digital input/output pin re-initialization bug after using pulse counter
      • IEC 60870-5 Client: fixed common address validation on the client side
      • IEC 60870-5 Client: fixed database error in the API endpoint for database entries
      • IEC 60870-5 Server: fixed IEC60870-5 Server should not restart after disabling WAN access
      • Impulse Counter: fixed Impulse Counter add button tooltip to show a hint when all available options have been selected
      • IPsec: fixed hint overlap
      • L2TP: fixed validation requirements for client and server configurations
      • Mobile Utilities: fixed OpenVPN status SMS message
      • Modbus Client: fixed Modbus test button tooltips to display hints when testing
      • Modbus Client: fixed database error in the API endpoint for database entries
      • Modbus Client: fixed modbus client request configuration actions overflowing
      • OPC UA Client: fixed database error in the API endpoint for database entries
      • OPC UA Server: fixed error status not displaying messages
      • OpenConnect: fixed hint overlap
      • OpenVPN: fixed hint overlap
      • SNMP: fixed minor webui validation bug
      • TR-069: fixed OUI setting now it's dynamically set
    • System
      • NTP Client: fixed unnecessary service restart when network interface changes state
      • Package Manager: fixed the installation of backup archive packages in cases of low free flash space
  • CVE Patches
    • CVE-2025-13837 - 2.1 (LOW)
    • CVE-2025-61099 - 7.5 (HIGH)
    • CVE-2025-61100 - 7.5 (HIGH)
    • CVE-2025-61101 - 7.5 (HIGH)
    • CVE-2025-61102 - 7.5 (HIGH)
    • CVE-2025-61103 - 7.5 (HIGH)
    • CVE-2025-61104 - 7.5 (HIGH)
    • CVE-2025-61105 - 7.5 (HIGH)
    • CVE-2025-61106 - 7.5 (HIGH)
    • CVE-2025-61107 - 7.5 (HIGH)
    • CVE-2026-30874 - 1.8 (LOW)

RUTE_R_00.07.22.3 | 2026.05.19

  • Fix
    • System
      • Backup: fixed saving of crontabs
  • CVE Patches
    • CVE-2026-31431 - 7.8 (HIGH)
    • CVE-2026-43284 - 7.8 (HIGH)

RUTE_R_00.07.22.1 | 2026.04.13

  • Improvements
    • System
      • ustream-ssl: updated version to 2026-03-01
  • Fix
    • Services
      • IEC 60870-5 Client: fixed missing serial support validation checks
      • IEC 60870-5 Server: fixed package dependency issues and missing serial support validation checks
      • Modbus Client: fixed test requests due to missing broadcast option
      • RMS: fixed configuration permission issues that caused connection problems
    • System
      • Backup: fixed custom uci-default script execution
      • Backup: fixed ability to reset user password to device default password

RUTE_R_00.07.22 | 2026.03.25

  • New
    • Network
      • SMCroute: added support
    • Services
      • Data to Server: added webui option to toggle server certificate verification
      • DMVPN: added support for DMVPN configuration on GRE tunnels with IPv6 addressing
      • Events reporting: removed web user interface support
      • I/O Juggler: removed web user interface support
      • IEC 60870-5 Client: added 101 serial connection type support
      • SNMP: added SNMP V3 users additional authentication types
    • System
      • Integrity: added functionality to verify file system integrity
      • WebUI: added Polish language support
  • Improvements
    • Network
      • DHCP server: added support for configuring multiple DHCP relay instances
      • DHCP server: added new DHCPv4 error status when parent interface has no IPv4 address
      • Dynamic routes: added mutual redirects between route status and dynamic route pages
      • Dynamic routes: improved display of OSPF routes
      • Dynamic routes: moved instance naming into edit modals for RIP
      • Firewall: improved performance across all firewall pages
      • Mobile: added a general signal quality metric, calculated from a combination of various mobile signal metrics
      • Network usage: added mutual redirects between "Connections" and "Network Usage" pages
      • Port Mirroring: added support for multiple mirror source ports
      • Ports Settings: added warning of enabled 802.1X ports
      • Starlink: added retrieval of location information
      • Wireless: enabled "Forward mesh peer traffic" by default on new mesh network
      • wireless-regdb: updated version to 2026.02.04
    • Services
      • Auto Reply: added "Signal quality" parameter support
      • AWS IoT Core: added TPM support
      • Azure IoT Hub: added TPM support
      • BGP: added IPv6 support
      • BGP: moved instance naming into edit modals
      • Data to Server: added data compression
      • Data to Server: added TPM support
      • EoIP: added 'MTU' option
      • Event juggler: added HTTP URL scheme appendage if it is not defined in HTTP action
      • Event juggler: added TPM support
      • Event juggler: added "Signal quality" parameter support in output actions
      • Hotspot: reworked hotspot service
      • I/O Scheduler: removed ordinal suffixes from "From" and "To" table columns to improve localization
      • IEC 60870-5 Client: improved Information Objects tab usability and editing
      • IEC 60870-5 Client: added universal gateway support
      • IEC 60870-5 Server: added universal gateway support
      • IPsec: added additional proposal options
      • IPsec: removed duplicate proposals
      • IPsec: added automatic default route handling for route based IPsec
      • L2TPv3: improved "Cookie" and "Peer cookie" validation
      • Ledman: updated signal strength LED algorithm to use new value
      • Mobile Utilities: added "Signal quality" parameter support in status message
      • Modbus Client: added "Signal quality" parameter support in MQTT and Email actions
      • Modbus TCP over Serial Gateway: added function 43-14 (Read Device Identification) support
      • MQTT Broker: added certificate key length validation
      • MQTT Broker: added TPM support
      • MQTT Broker Bridge: added TPM support
      • MQTT Publisher: added TPM support
      • OpenVPN: improved server configuration when using a TAP device
      • OpenVPN: added 'Gateway IP address' option for bridged devices
      • PPTP: added client/server status information
      • RMS: updated the Connection Type field hint to reflect the current device connection frequency
      • SMPP: added TPM support
      • SNMP: added an option that makes ifIndex values persistent
      • Tailscale: added memory usage limitation option
      • TR-069: added input validations in set methods for nodes with read-write permissions
      • TR-069: added TR-143 based on "Issue 1 Amendment 1", with implementation-specific deviations
      • TR-069: improved Device.DHCPv4 object based on "TR-181 Issue 2 Amendment 20", with implementation-specific deviations
      • TR-069: added Device.Cellular object based on "TR-181 Issue 2 Amendment 20", with implementation-specific deviations
      • TR-069: added TPM support
      • Traffic Logging: added SFTP support for log uploading (with key support)
      • Traffic Logging: added FTPS support for log uploading
      • cURL: updated version to 8.18.0
      • EmailRelay: updated version to 2.5.2
      • FRR: updated version to 10.2.1
      • OpenVPN: updated version to 2.6.17
      • ovpn-dco: updated version to 0.2.20251017
      • Tailscale: updated version to 1.92.3
    • System
      • Access Control: added SSH, telnet and WebUI session termination support
      • Backup: improved backup to use API endpoints
      • Speed Test: implemented filters and sorting for the servers table
      • glib2: updated version to 2.87.1
      • libmodbus: updated version to v3.1.11
      • openssl: updated version to 3.0.19
  • Fix
    • Network
      • DHCP server: fixed DHCPv4 configuration page bug when parent interface has no IPv4 address
      • Topology: fixed lock functionality on touchscreen devices
      • Wireless: added an API error when multiple scans are performed at the same time
    • Services
      • BACnet: fixed BBMD interface being immediately highlighted in red
      • BGP: fixed how neighborship is displayed for BGP when VRF is used
      • Call Utilities: fixed "Switch WiFi on/off" action execution
      • DLNA: fixed interface selection not showing WLAN interfaces that are not in any bridge
      • Email to SMS: fixed email deletion in some rare cases
      • EoIP: fixed issues with EoIP over L2TP configuration
      • Hotspot: fixed inconsistent session logout after disconnecting from wireless
      • IEC 60870-5 Client: fixed an issue where negative ASDU response results in a timeout
      • IEC 60870-5 Server: fixed server network not restarting after disabling “Allow remote access” when “Cyclic transmissions” are enabled
      • IEC 60870-5 Server: fixed flow control component placement to follow dependency order
      • IPsec: fixed IKEv1 allowing unsupported proposals
      • IPsec: fixed incorrectly applied offloading bypass rules
      • IPsec: fixed display of "Enable XAUTH" switch
      • Mobile Utilities: fixed SMS Utilities user defaults restoration rule
      • Modbus Client: fixed service being launched without any requests to send
      • Modem Control: fixed devices that support CSD not being able to access CSD options
      • NTRIP: fixed issue where status fields were flashing stale data
      • OpenVPN: fixed learn-address routing to handle IPv4/IPv6
      • OSPF: fixed firewall rule creation
      • SMS Utilities: fixed "Switch WiFi on/off" action execution
      • SNMP: fixed Event type Topology change Trap
      • SNMP: fixed port-based VLAN VID display
      • SNMP: fixed setting incorrect firewall rule family option
    • System
      • NTP: fixed the NTP server due to invalid packet headers
      • Package Manager: fixed IPTables NAT Extras package not migrating when updating from RutOS 7.12
      • PAM: fixed TACACS+ WebUI remote host parameter
      • Troubleshoot: fixed duplicate devices listed in the TCP dump configuration
  • CVE Patches
    • CVE-2025-11961 - 1.9 (LOW)
    • CVE-2025-12084 - 6.3 (MEDIUM)
    • CVE-2025-13836 - 9.1 (CRITICAL)

RUTE_R_00.07.21.3 | 2026.03.24

  • Fix
    • System
      • Backup: fixed eSIM interface generation after uploading a backup
      • Reset Settings: fixed reset not responding

RUTE_R_00.07.21.2 | 2026.03.06

  • New
    • Network
      • Mobile: added eSIM activation through proxy server
  • Improvements
    • System
      • Site manager: added configurable DHCP option for client discovery
      • Site manager: added access control loss warning
  • Fix
    • Network
      • Network: fixed an edge-case network hang after device reboot
    • Services
      • Data to Server: fixed memory leak when using IEC 60870 5 as input and using output with custom format

RUTE_R_00.07.21.1 | 2026.02.26

  • Fix
    • System
      • Kernel: fixed certain devices failing to boot
      • Site manager: fixed missing config files in SDK

RUTE_R_00.07.20.4 | 2026.02.05

  • Initial firmware release
Retrieved from "https://wiki.teltonika-networks.com/index.php?title=RUT986_Firmware_Downloads&oldid=176102"