TRB160 Firmware Downloads

Main Page > TRB Gateways > TRB160 > TRB160 Firmware Downloads

This page contains firmware files for TRB160 devices. Look to the table below or the changelog to find download links.

To upgrade firmware using WebUI, follow the instructions in TRB160 Firmware.

TRB160

File	Type	Release date	Size	MD5	Changelog
TRB16_R_00.07.15.1_WEBUI.bin	Latest FW	2025.06.17	21 MB	1ebe19d507382b29d3ac52fc17714703	Link
TRB16_R_00.07.13.4_WEBUI.bin	Mass production FW	2025.04.04	20.62 MB	f2c5b59c2a228e173a830921c9bcd71b	Link

TRB16_R_SDK_00.07.15.1.tar.gz

SDK

2025.06.17

229 MB

a4f8abd29a73a25788fea72b8412d615

Note: packages for Package Manager are independent from firmware and can be downloaded in the Package Downloads page.

FW checksums

Checksums for firmware files can be found here.

Changelog

TRB16_R_00.07.15.1 | 2025.06.17

Fix
- Network
  - Realtime Traffic: fixed data collection in rare cases
- Services
  - Event juggler: fixed the execution of user scripts
  - Hotspot: fixed users scripts execution
  - Hotspot: fixed user scripts migration after upgrade with keep settings
  - SMS Utilities: fixed the execution of user scripts
- System
  - Backup: fixed missing root and admin user restoration during backup apply

TRB16_R_00.07.15 | 2025.06.06

New
- Network
  - Mobile: added "iot.t-mobile.com" APN for "T-Mobile" operator to APN database
- Services
  - Java VM: added package to Package Manager
- System
  - WebUI: added default HTTP redirect to HTTPS
Improvements
- Network
  - DHCP server: included static leases to "Leased IPs" status that are outside of DHCP pool range but are inside interface subnet range
  - Dynamic routes: improved mobile interface handling
  - Dynamic routes: added support for selecting VPN interfaces
  - Firewall: disabled Allow-ICMPv6-Forward rule
  - IGMP Proxy: added VPN interface support
  - Mobile: improved SIM switch behavior when its configuration is changed
  - Mobile: added ability to change measurement units in "Mobile Usage" page
  - Mobile: added ability to export mobile usage data to CSV file
  - Mobile: added more statistical parameters to "Mobile Usage" page
  - Mobile: changed "fast.t-mobile.com" APN PDP type from IPv6 to IPv4v6
  - Network: updated network interface statuses to be more detailed and easier to understand
  - Network: improved 802.1p priority configuration fields
- Services
  - AWS IoT Core: updated "AWS provisioning" configuration parameter list
  - BACnet: added support for devices with USB adapters and devices with no rs485 interface
  - Call Utilities: updated "Get status" action "Text message" parameter list
  - Data to Server: added support for receiving and sending data via SMS
  - Data to Server: added support for receiving I/O data
  - Data to Server: added FTP, SMTP, Socket, and Lua script support for data transmission
  - Data to Server: updated "Collection configuration" edit, "Input configuration" edit, "Format string" and "Tag expansion" parameter lists
  - Data to Server: added support for ISO 8601 date format
  - DLMS: added API endpoints to get the current value of a configured group or group value
  - DNP3 Client: added API endpoints to get the current value of a configured request
  - Dynamic DNS: added DNS server field
  - Dynamic DNS: reduced service restarts when mobile is used
  - Email to SMS: improved email handling by deleting emails over 61440 bytes
  - Event juggler: added call action support
  - Event juggler: implemented a retry mechanism for actions in case of failure
  - Event juggler: updated "Send email", "Send SMS", "MQTT", "Script" and "HTTP" action "Text message" parameter list
  - Event juggler: added delete icon on "Remove action" button
  - Event juggler: removed "Startup" event type from event configuration due to duplication
  - Events Reporting: updated "Message text on event" parameter list
  - I/O Juggler: updated "Send SMS", "MQTT" and "Script" action "Text message" parameter list
  - Modbus Client: updated "Modbus TCP Client" and "Modbus Serial Client" configuration "MQTT message" and "Email" action "JSON format" parameter list
  - OPC UA Client: added API endpoints to get the current value of a configured group, group value or server node
  - SMS Forwarding: updated enable option help messages
  - SMS Gateway: updated "Auto reply" "Message text" parameter list
  - SMS Utilities: updated "Reboot", "Send status" action, "Text message" parameter and "SMS rule description" lists
  - Mosquitto: updated version to 2.0.21
  - ovpn-dco: updated version to 0.2.20241216
- System
  - Access Control: added ability to specify WAN port
  - Access Control: improved HTTPS certificate validation
  - API Core: added preflight OPTIONS method support
  - Certificates: changed certificate signing to use RSA-PSS padding scheme
  - Speed Test: added functionality to find any country servers by using search
  - TCP dump: added suggestions for host and port filters
  - Troubleshoot: separated troubleshooting into individual configuration tabs
  - Troubleshoot: improved logging size configuration and log size limits
  - WebUI: reduced size of the navigation menu and some form elements
  - WebUI: updated table selected rows actions design
  - WebUI: added HTTPS certificate expiration warning and renew functionality
  - WebUI: unified styles of first login and renew expired password modals
  - WebUI: updated Japanese translations
Fix
- Network
  - 802.1X Server: fixed 802.1X (server) page access not being controlled by the "Network > Ports" entry
  - DHCP server: fixed DHCPv4 server shutdown when multiple LANs use the same interface and one of them disables DHCPv4
  - Firewall: fixed duplicate VPN zone creation
  - Firewall: fixed HTTP and HTTPS ports migration for DMZ port forwards rules
  - Firewall: removed redundant "Internal zone" field from port forward configuration
  - Mobile: fixed issue where neighbor IP address was not reachable in Bridge/Passthrough modes
  - Mobile: fixed SMS grouping error when old SMS are never deleted
  - Network: fixed incorrect network type shown for LAN with only WiFi interface
  - Network: fixed system crash when using modem data under low memory conditions
  - Static Routes: fixed GRE tunnel name display when its name has special symbols
  - Topology: fixed issue of duplicated WAN interface being displayed under certain configurations
- Services
  - Data to Server: fixed "SIM Card" option select list in "Mobile usage" data input
  - DLMS: fixed COSEM attribute filtering
  - DLNA: fixed option list of "Interfaces"
  - DMVPN: fixed displaying NAT rules
  - Dynamic DNS: fixed IPv6 support in bind-nsupdate
  - Dynamic DNS: fixed logs showing IPv6 expansion errors when no IP is found
  - Event juggler: fixed "SIM Card" option select list in "SIM switch" and "Connection" actions
  - Event juggler: fixed Reboot via SMS Log event
  - Event juggler: fixed duplicated names validation
  - Event juggler: fixed an issue affecting GSM event stability
  - Event juggler: fixed inability to select all available pins in the I/O condition configuration
  - Event juggler: fixed HTTP action when secure connection is chosen
  - Event juggler: fixed condition deletion not working in some edge cases
  - Hotspot: fixed SSL certificates permissions
  - IPsec: fixed connection issues with %any as identifier
  - L2TP: fixed authentication credentials validation
  - Modbus Client: fixed label for 'no_bracket' option in requests
  - MQTT Broker: fixed incorrect "Local port" hint
  - RMS: fixed 'Next connection after' timer display
  - RMS: fixed transition from 'Standby' to 'Enabled' mode
  - SMPP: fixed sequence number in DELIVER_SM packets
  - SMS Gateway: fixed connecting to Gmail with TLS certificate validity verification in Email to SMS
  - SMS Utilities: fixed "SIM Card" option select list in "Change mobile settings" rule
  - Stunnel: fixed issue of global settings sometimes not being displayed
  - Stunnel: made "Certificate File" and "Private Key" fields required when server mode is configured
  - Wireguard: fixed peer allowed IPs select dropdown to show IPv6 options and added the ability to include custom values
  - Wireguard: fixed MTU issues when default route is used
  - Wireguard: fixed tunnel not re-establishing when failover is used
- System
  - Access Control: fixed HTTPS certificates validation to not allow RSA key length less than 1024 bits and ECC key length less than 160 bits
  - API Core: fixed session validation issues
  - Certificates: fixed SCEP certificate enrollment compatibility issues with certain servers
  - System Status: removed bootloader version information if it does not exist
  - WebUI: fixed inconsistent spacing between page elements
  - WebUI: fixed warnings still being displayed after removing uploaded certificates
  - WebUI: fixed issues with SDK API path recognition

TRB16_R_00.07.14.3 | 2025.05.26

Fix
- Services
  - L2TP: fixed a connection problem when using an L2TP over IPsec configuration
- System
  - Custom Scripts: fixed execution of custom scripts after upgrade

TRB16_R_00.07.14.2 | 2025.05.09

Note: If a system upgrade with keep settings is performed from R_00.07.14 or R_00.07.14.1 to this version, follow the instructions described under those firmware versions below to resolve Data Limit and traffic monitoring issues.

Fix
- Network
  - Firewall: fixed HTTP and HTTPS ports migration for DMZ port forwards rules
  - Firewall: fixed DMZ port forward rule for mobile DHCP lease renew
  - Network: fixed data limit database save when upgrading with keep settings

TRB16_R_00.07.14.1 | 2025.05.06

Note: This firmware version has been withdrawn due to a critical issue affecting the Data Limit, traffic monitoring functionalities.

Note: If a system upgrade with keep settings was already performed from R_00.07.14 to this version, previous Data Limit tracking and traffic monitoring information cannot be restored. However, to keep current traffic monitoring history after next update, the command found in the Note below must be executed in CLI.

Note: If a system upgrade with keep settings is performed from this firmware version to newer and R_00.07.14 was never used, following command must be executed in CLI before upgrade to resolve Data Limit and traffic monitoring issues.

mkdir -p /usr/local/lib/upgrade/keep.d && echo /usr/local/usr/lib/mdcollectd/mdcollectd.db_new.gz > /usr/local/lib/upgrade/keep.d/mdcollect

Fix
- System
  - RutOS: fixed curl compilation in SDK
CVE Patches
- CVE-2025-2704

TRB16_R_00.07.14 | 2025.04.24

Note: This firmware version has been withdrawn due to a critical issue affecting the Data Limit, traffic monitoring functionalities.

Note: If a system upgrade with keep settings is performed from this firmware version to newer, following command must be executed in CLI before upgrade to resolve Data Limit and traffic monitoring issues.

mkdir -p /usr/local/lib/upgrade/keep.d && echo /usr/local/usr/lib/mdcollectd/mdcollectd.db_new.gz > /usr/local/lib/upgrade/keep.d/mdcollect

New
- Network
  - Mobile: added support for DHCP relay mode to devices with EG060K-EA module
  - Mobile: added SIM switch rule "On SIM not inserted"
  - Network usage: added feature
- Services
  - AWS IoT Core: added Device Provisioning
  - L2TP: added L2TP over IPv6 support
  - MQTT Broker Bridge: added v5.0 bridge protocol support
- System
  - RutOS: enabled a read-only root filesystem to ensure system integrity and security
  - WebUI: added Ukrainian language support
Improvements
- Network
  - DHCP: added title for action column in custom DHCP option table
  - DHCP: added a warning message when multiple interfaces share the same device and have DHCPv4 enabled
  - DNS: updated the "Custom Redirect" option to support domain wildcard (*) pattern matching
  - DNS: made the "DNS Server" field optional for the "Custom Redirect" option
  - Firewall: improved "intra" zone column names for clarity
  - Mobile: added UCS2 conversion for service provider name
  - Mobile: improved non default SIM card unlock procedure after PIN/PUK is entered
  - Ports Settings: reordered network > ports sub-menu and made port settings page first
  - SSHFS: updated mount point location
  - SSHFS: added connection and mount point status
  - Topology: removed Mobile WAN interfaces from topology scan
  - Topology: improved network scanning
  - Topology: added port number to topology scan results
  - Topology: added IPv6 support
  - VRF: added section name generation and changing ability
  - Curl: updated version to 8.12.0
  - wireless-regdb: updated version to 2024.10.07
- Services
  - Call Utilities: added the ability to update authorization settings for multiple rules via the "Actions" drop-down in the "Call rules" table
  - Call Utilities: moved multiple rule enabling to the "Actions" drop-down in the "Call rules" table
  - Call Utilities: added filtering option for "Action name" column in the "Call rules" table
  - Data to Server: changed new instance to be turned off by default
  - Dynamic DNS: made WebUI show IP updates earlier than the configured DDNS service check interval
  - EoIP: added improvements to avoid packet loops
  - Events juggler: removed Reboot after Input/Output option
  - Events juggler: changed new instance to be turned off by default
  - Events juggler: removed Custom HTTP headers space validation
  - IPsec: enabled dead peer detection by default
  - Post/Get - I/O: removed package
  - Post/Get - Mobile: removed package
  - PPTP: added options for 'MPPE' configuration to WebUI
  - PPTP: added 'Custom options' field to configure custom pppd options
  - SMS Utilities: added rule description hints on "Action" table column values
  - SMS Utilities: added the ability to update authorization settings for multiple rules via the "Actions" drop-down in the "SMS rules" table
  - SMS Utilities: moved multiple rule enabling to the "Actions" drop-down in the "SMS rules" table
  - SMS Utilities: added filtering options for "Action name" and "Authorization method" columns, and sorting for "SMS text" column in the "SMS rules" table
  - SMS Utilities: added default rule response messages
- System
  - Events Log: added events log file export
  - Profiles: improved table data UI
  - Recipients: changed email maximum password length to 128 characters
  - Recipients: improved "phone groups" page to support unlimited phone numbers additions
  - Setup Wizard: removed host, port options and proxy settings section from RMS setup wizard
  - WebUI: added measurement units for "data limit" cards in overview page
  - WebUI: removed default password icons on "Internet Explorer" and "Microsoft Edge" browsers
  - Kernel: updated version to 5.4.290
  - Time Zone Database: updated version to 2025a
Fix
- Network
  - Dynamic routes: fixed OSPF issues of not displaying instances of 'area' and 'networks' sections
  - Firewall: fixed certain "Attack prevention" limits making device unreachable
  - Firewall: fixed attack prevention page with missing traffic rules
  - Mobile: fixed mobile disconnections when DMZ is enabled
  - Mobile: fixed APN selecting from a database with IPv4v6 PDP data type
  - Mobile: fixed incorrect modem temperature reading
  - Ports Settings: fixed port status speed badge for Ethernet(10mbps)
  - Static Routes: fixed API incorrectly returning mobile interfaces
  - VXLAN: fixed package installation not starting service properly
- Services
  - Data to Server: fixed GSM IP and IPV6 retrieval when used SIM slot is changed
  - Data to Server: disallowed enabling Azure plugin without required options
  - Data to Server: fixed editing Azure plugin configuration when "Device Provisioning Service" option is selected
  - DNP3 Client: fixed an issue where application would terminate on startup
  - Email Relay: fixed service crash when server tls certificate is used
  - Events juggler: fixed broken port link speed reporting
  - Events juggler: fixed Mobile data limit event type validation
  - Events juggler: fixed condition bug on some plugins
  - Events juggler: fixed LUA condition script support to correctly handle return values
  - L2TP: fixed connectivity issues when using WAN failover
  - Messages: fixed "Date" row displayed values on smaller screens
  - Mobile Utilities: fixed Manage OpenVPN rule
  - OpenVPN: fixed connectivity issues when using WAN failover
  - RMS: fixed serial code copy button not being displayed
  - SMS Gateway: fixed the duplicate SMS issue in "Email to SMS"
  - SMS Utilities: fixed "SMS text" option validation when enabling rules in "SMS rules" table
  - SSTP: fixed the issue of the instance starting after upgrading the firmware
  - Traffic logging: fixed traffic logging service startup
  - Wireguard: fixed connection issues when peer is on the same network
- System
  - API Core: fixed file upload issue which sometimes made WebUI unresponsive
  - NTP: fixed time servers limit validation
  - Package Manager: fixed displaying multiple same functionality buttons when package update fails
  - Password Policy: fixed special characters validation
  - Profiles: fixed loading screen reappearing after profile change fails
  - Recipients: fixed email address validation
  - Side Widget: fixed port icons overlapping on mobile in port status card
  - WebUI: fixed enabled button being removed in some cards on medium sized screens
CVE Patches
- CVE-2022-42721
- CVE-2023-7104
- CVE-2023-31489
- CVE-2024-9143
- CVE-2024-13176
- CVE-2025-0167
- CVE-2025-0665
- CVE-2025-0725

TRB16_R_00.07.13.4 | 2025.04.04

Improvements
- System
  - RutOS: updated libubox
Fix
- Network
  - Mobile: fixed handling of 18 character long ICCID for eSIM
- System
  - RutOS: fixed occasional ubus page fault after package install
  - RutOS: fixed user group duplicate entries after applying backup

TRB16_R_00.07.13.3 | 2025.03.21

Fix
- Services
  - Ledman: fixed power led indications
  - RMS: fixed connection retry interval count

TRB16_R_00.07.13.2 | 2025.03.18

Firmware includes no changes for this device

TRB16_R_00.07.13.1 | 2025.03.06

Fix
- System
  - Auto Reboot: fixed an issue causing the device to reboot immediately

TRB16_R_00.07.13 | 2025.03.03

New
- Network
  - BFD: added service
  - Mobile: added bandwidth rate limiting control when a specified data usage threshold is reached
  - Mobile: added "internet.telia.iot" APN for Telia carrier
  - Mobile: added "mobile.iot" APN for Elisa carrier
  - Mobile: added "dm.jplat.net" APN for HIS carrier
- Services
  - EoIP: added service
  - Events juggler: added service
  - OpenConnect: added service
- System
  - Update Firmware: added link to FW & SDK download page
Improvements
- Network
  - Dynamic routes: added validation for NHRP to prevent using same interface on multiple instances
  - Firewall: added possibility to manually specify conntrack helper for a port forward rule
  - Firewall: moved IPtables NAT extra to package manager
  - Mobile: improved handling for the maximum number of active interfaces
  - Mobile: improved operator name parsing from SPN file
  - Static Routes: improved descriptions for routing rules
  - VRF: moved page from Network sub-menu to Network > Routing
  - iperf3: updated version to 3.17.1
- Services
  - Dynamic DNS: added support for using local openvpn interface ip address
  - Hotspot: added MAC address delimiter and case setting for Radius MAC authentication
  - Hotspot: improved API validations
  - Input/Output: updated pin block naming
  - IPsec: added ChaCha20-Poly1305 encryption algorithm
  - IPsec: added periodic connection check
  - Modbus Client: added store on data change mode
  - Modbus Client: added ability to choose where to save database
  - MQTT Modbus Gateway: improved constant $$NAME that can be defined in system configuration
  - OpenVPN: improved statuses for instances
  - OpenVPN: removed 'persist-tun' and 'persist-key' options from default configuration
  - SMS Utilities: changed format of ADC and ACL status
  - SMS Utilities: added a new option "Send response SMS" which allows receiving action response message
  - Zerotier: added ability to upload a custom planet file
- System
  - Access Control: improved UX when disabling HTTP and HTTPS local access settings
  - Administration: added confirmation prompt when changing profiles
  - Administration: updated hostname validation to allow numeric-only hostname
  - Package Manager: added confirmation prompt when closing uploaded package modal
  - Security: changed password policy to require at least one special character
  - System Users: changed username validation to allow dots and underscores
  - Update Firmware: added link to changelog page
  - WebUI: removed basic/advanced mode
  - WebUI: updated Teltonika logo
  - Kernel: updated version to 5.4.289
Fix
- Network
  - 802.1X Server: fixed a segfault that sometimes occurs when port state changes to down
  - Devices: fixed error handling for deleting non-existent bridge sections
  - DHCP: fixed an issue where DHCP Relay mode did not work with an active IPv4 mobile connection
  - Firewall: fixed automatic conntrack helper not being assigned for port forward rules in some cases
  - Firewall: fixed traffic rules "start_date" and "stop_date" option validations failing due to incorrect format
  - Firewall: fixed incorrectly restricted AF23 value for traffic rule's DSCP option
  - Mobile: fixed parsing of large data from the module's serial port
  - Network: fixed interfaces being displayed in the wrong page after updating with keep settings
  - Network: fixed a name duplication validation error that occurred between the network interface and the VRF instance
  - Network: fixed API failing to sort specific network interface configurations
  - Network: fixed interface remove button disable state being shown only after status is loaded
  - Network: fixed LAN interfaces sometimes not getting IPv6 prefix assigned on creation
  - Network: fixed DHCP lease sometimes not updating when changing mobile mode
  - Static Routes: fixed missing route type validation for API
  - VXLAN: made "Remote address" field required
- Services
  - Data to Server: fixed the OPC UA, DLMS, MBUS, and impulse counter inverted filtering logic
  - Data to Server: fixed "Invert filter" option to be hidden when using "DLMS" type and "Data filtering" option is selected to "All"
  - DLMS: fixed DLMS endpoint parameter validation
  - DLMS: fixed device option data type validation for connections endpoints
  - DLMS: fixed an issue where DLMS service could not read extended register type COSEM objects and display incorrect scaler value
  - DLMS: fixed an issue where non-persistent connections did not close properly
  - Hotspot: fixed bandwidth limits setting with "chilli_query" command
  - Hotspot: fixed preserving Hotspot users between firmware upgrades
  - Impulse Counter: fixed pin name display
  - IPsec: fixed status display when compatibility mode is used
  - IPsec: fixed connections not terminating if instance is disabled
  - L2TP: fixed occasional device hangs when routing L2TP traffic with "Software flow offload" enabled
  - Modbus Client: fixed API error when 'function' option is not present in alarms/requests configuration POST request
  - Modbus Client: fixed reusing connection in Modbus client Modbus request alarm action
  - Modbus Client: fixed email alarm action when TLS is enabled
  - Modbus Client: fixed alarm issues related to modem
  - MQTT Modbus Gateway: fixed client ID validation
  - NHRP: fixed missing dependencies
  - OpenVPN: fixed issues related to warnings when using external services
  - RMS: fixed the "Connection state" status displayed as JSON when device language was set to anything other than English
  - SMPP: fixed the "TLS/SSL" option to be visible even when the configuration is not enabled
- System
  - Access Control: fixed "redirect_https" option reset after device reboot
  - Access Control: fixed default HTTPS CA certificate generation
  - Date & Time: fixed time synchronization with the browser when using Europe/Kyiv timezone
  - Package Manager: fixed spinner position in package table
  - Package Manager: fixed possible config migration issues for installed packages
  - Update Firmware: fixed unnecessary FOTA requests when FOTA is disabled
CVE Patches
- CVE-2022-49043
- CVE-2024-5290
- CVE-2024-9287
- CVE-2024-11053
- CVE-2024-34459
- CVE-2024-53580
- CVE-2024-56171
- CVE-2025-24928
- CVE-2025-27113

TRB16_R_00.07.12.3 | 2025.02.14

New
- Services
  - Modbus Client: added an endpoint that returns status for a single Modbus request

TRB16_R_00.07.12 | 2025.01.20

New
- Network
  - Mobile: added "global" APN for "Jersey Telecom" operator to APN database
  - Mobile: added "datasim.com" APN for "BT" operator to APN database
  - Mobile: added "datasim.com" APN for "Vodafone" operator to APN database
  - Mobile: added "datasim.com" APN for "Vodafone" operator to APN database
  - Mobile: added "datasim.global" APN for "Telefonica" operator to APN database
  - Mobile: added "soracom.io" APN for "Soracom" carrier to APN database
- Services
  - Dynamic DNS: added IPv6 support
Improvements
- Network
  - DHCP: added leased IP status in DHCP server page
  - DNS: added DNS strict order option
  - Firewall: moved target field to the bottom of NAT rule edit and renamed it to "Action" to match traffic rules
  - Firewall: moved all traffic rule fields related to action to be below action field
  - Firewall: removed ability for any firewall rules to have port selection if protocol is set to "all"
  - Firewall: separated zone and global firewall settings into different pages
  - Firewall: improved "Conntrack helpers" field in zone edit by making it disabled with explanation instead of hiding it
  - Mobile: improved deny data roaming to prevent connection issues after re-enabling roaming
  - Mobile: improved error messages for eSIM profile downloads
  - Mobile: improved active SIM display in tabs and status pages
  - Mobile: improved modem signal value filtering
  - Mobile: improved DNS checking across different interface PDP types
  - Network: fixed configuration viewing in the WAN page when user has only read permission
  - UDP Relay: moved service menu item from Network > Other > UDP Relay to Network > UDP Relay
  - VRF: added additional validations to address used device cases
  - VXLAN: separated edit form options into general and advanced tabs
  - Curl: updated version to 8.11.0
- Services
  - DLMS: added ability to view COSEM objects for each scanned physical device in overview page
  - Modbus Server: added analog register (pwr0)
  - NTP Client: updated 'Count of failed NTP requests' option to permanently synchronize with mobile operator when NTP servers fail
  - Overview: added IP type status to network interface cards
  - SMS Utilities: changed format of ADC and ACL status
  - azure-iot-sdk-c: updated version to LTS_08_2024
- System
  - API Core: added query parameter for configuration GET endpoints to receive all options, even if unset
  - Package Manager: removed "Installed Version" and "Available Version" columns from the package table
  - Kernel: updated version to 5.4.285
Fix
- Network
  - 802.1X Server: updated radius secret back-end validation to match front-end validation
  - Dynamic routes: fixed dynamic routes not starting after installation on rare occasions
  - Firewall: deprecated invalid dest_local option in traffic rules API
  - Firewall: fixed zone placement in NAT rule description
  - Mobile: fixed cell ID parsing on 2G networks
  - Mobile: fixed modem information collection after firmware installation
  - Mobile: fixed repetitive mobile band configuration on startup
  - Mobile: improved operator name parsing when information is unavailable on the SIM card
  - Mobile: fixed SMS limit displaying incorrect reset date
  - Mobile: fixed an issue where duplicate APN could be configured
  - Mobile: fixed LAC/TAC display in mobile status page
  - Mobile: fixed an issue where incorrect SIM was selected
  - Mobile: fixed an issue where SIM card pin code would be stored as "N/A"
  - Network: fixed missing PPPoE username and password validations
  - Ports Settings: fixed incorrect warning message for identical port configurations
  - Ports Settings: fixed an occasional infinite spinner issue when changing port settings
  - QOS: fixed source and destination host field validation to allow subnet in CIDR notation
  - QOS: fixed starting SQM after reboot when QoS package is installed
  - Static Routes: fixed interface select not showing SSTP instances
  - VLAN: fixed wrong error message when deleting a VLAN that does not exist
  - VRF: fixed an issue that prevented saving the configuration when an inactive VLAN was selected
- Services
  - DLMS: fixed parameters table not always refreshing when selecting devices
  - DLMS: fixed mismatched name validations between API and WebUI
  - DLMS: fixed an issue where uptime becomes incorrect when system time changes
  - DNP3 Client: fixed API error when non existent parent id is provided in requests endpoint URL
  - DNP3 Client: fixed an issue where uptime becomes incorrect when system time changes
  - DNP3 Outstation: fixed an issue where uptime becomes incorrect when system time changes
  - IPsec: increased maximum length of local / remote identifiers and selector ID to 255 characters
  - IPsec: fixed deleting global secrets when more than one ipsec instances are configured
  - IPsec: fixed IPsec not reloading after DMVPN uninstall
  - IPsec: fixed showing empty error messages after instance deletion
  - IPsec: fixed excessive logging
  - IPsec: fixed firewall rules migration and identifier setting when certificate authentication is used
  - Modbus Client: fixed configuration files not being removed after package removal
  - Modbus Client: fixed an issue where uptime becomes incorrect when system time changes
  - Modbus Server: fixed configuration files not being removed after package removal
  - Modbus Server: fixed an issue where uptime becomes incorrect when system time changes
  - MQTT Modbus Gateway: fixed configuration files not being removed after package removal
  - MQTT Modbus Gateway: fixed an issue where uptime becomes incorrect when system time changes
  - NTP Client: fixed Count of time synchronizations that was not working properly
  - OPC UA Client: fixed URL validation
  - OPC UA Client: fixed configuration files not being removed after package removal
  - OPC UA Client: fixed API security mode option require validation
  - OPC UA Client: fixed an issue where uptime becomes incorrect when system time changes
  - OPC UA Client: fixed validation for prefix, midfix, postfix options
  - OPC UA Server: fixed configuration files not being removed after package removal
  - OPC UA Server: fixed API encryption option require validation
  - OPC UA Server: fixed an issue where uptime becomes incorrect when system time changes
  - OpenVPN: fixed the problem related to the 'netlink reports object not found' warning when using the DCO configuration
  - SNMP: fixed mwan3Ip to display 'N/A' if no IPs are present
  - TR-069: fixed ConnectionRequestURL node to return VPN IP address if VPN is used
  - Web Filter: fixed site blocking rules affecting router itself when selecting specific network interface
  - Web Filter: added exception to FOTA server blocking
  - Web Filter: fixed site blocking not working with Hotspot
  - Web Filter: fixed whitelist not working with domains that have forwards to other domains
- System
  - Certificates: fixed issue where the API allowed the deletion of root certificate
  - Certificates: fixed uploading of certificates that are 4096 bits or longer
  - Package Manager: added protection against zip bombs when uploading a package
  - PAM: fixed creating new instance
  - WebUI: fixed SDK example app validation mismatch between UI and API
  - WebUI: fixed default value display on instances for multiple services
CVE Patches
- CVE-2024-5594
- CVE-2024-9681
- CVE-2024-29195

TRB16_R_00.07.11.3 | 2024.12.17

Fix
- Services
  - Input/Output: fixed issues causing fault messages on service close
  - Wireguard: fixed field validation after firmware upgrade
  - OpenVPN: fixed the certificate file selection issue in the server configuration

TRB16_R_00.07.11.2 | 2024.12.09

Fix
- Services
  - IPsec: fixed loading connections using AEAD algorithms
  - IPsec: fixed connection status display
  - IPsec: fixed Local source IP option
  - IPsec: fixed issue with multiple global secrets of same type

TRB16_R_00.07.11.1 | 2024.12.02

Fix
- Services
  - Ledman: fixed issue when network type LEDs are blinking when data connection is established

TRB16_R_00.07.11 | 2024.11.25

New
- Network
  - 802.1X: added initial server support
  - NAT64: added NAT64 WebUI configuration support
- Services
  - Data to Server: added LUA format support
  - DLMS: added option to configure which COSEM class attributes to read from the meter
  - Impulse Counter: added feature
  - Wireguard: added QR code configuration generator
- System
  - Administration: added capability of displaying a configurable banner before login
  - Password Policy: added ability to modify the password policy
  - System Users: added sensitive option toggle for user groups
Improvements
- Network
  - Firewall: added TCPMSS action to traffic rules
  - Mobile: improved mobile connection checking according to serving cell connection
  - Mobile: improved manual operator selection logic to prevent unintended operator changes
  - Mobile: added 'telenor.smart' APN for 'Telenor' operator to APN database
  - Mobile: added 'telenor.fwa' APN for 'Telenor' operator to APN database
  - Mobile: removed 'internet.ventelo.no' APN for 'Telenor' operator from APN database
  - Mobile: removed 'telenor' APN for 'Telenor' operator from APN database
  - Mobile: standardized operator names on the APN database
  - Topology: added sorting functionality for "IP address" and "MAC address" table columns
- Services
  - Data to Server: added scheduler support
  - DLMS: added default values for table name columns
  - IPsec: updated 'Custom option' field validation
  - IPsec: migrated to swanctl
  - Modbus Client: added phone group selection
  - Modbus Client: added email alarm action
  - OPC UA Client: changed validation, allowing to add certificates when channel encryption is not used
  - OpenVPN: improved WebUI page for creating and modifying instances
  - OpenVPN: added custom configuration file parsing
  - OpenVPN: added option to configure virtual addressing topology and support for TLS clients
  - OpenVPN: added 'adaptive' selection for the LZO parameter
  - OpenVPN: added support for multiple remote network values
  - OpenVPN: improved the selection of allowed data ciphers in the WebUI
  - OpenVPN: improved private key decryption
  - OpenVPN: removed dependency on the protocol value for configuring tunnel IPv6 addresses
  - OpenVPN: added the possibility to use multiple remote host/IP address values
  - OpenVPN: added support for exporting configuration
  - Mosquitto: updated version to 2.0.20
- System
  - Access Control: added ability to bind HTTP and HTTPS to specific IPs and ports
  - Events Log: improved event log messages format
  - Logging: added a log ID to each log entry for easier tracking and identification
  - Security: enabled ASLR and PIE security hardening features for improved memory protection
  - Setup Wizard: added SIM card and modem statuses in Mobile page
  - WebUI: updated design of tables
  - Kernel: updated version to 5.4.284
  - libffi: updated version to 3.4.6
  - readline: updated version to 8.2
Fix
- Network
  - Mobile: fixed duplicate of "wap66" APN for "SFR" operator in APN database
  - Mobile: fixed duplicate of "wap68" APN for "SFR" operator in APN database
  - Mobile: fixed duplicate of "internet" APN for "TDC" operator in APN database
  - Mobile: fixed duplicate of "orangeweb" APN for "Orange" operator in APN database
  - Mobile: fixed duplicate of "wap.digicelbvi.com" APN for "Digicel" operator in APN database
  - Mobile: fixed duplicate of "wap.digicelha.com" APN for "Digicel" operator in APN database
  - Mobile: fixed duplicate of "indosatgprs" APN for "Indostat" operator in APN database
  - Mobile: fixed duplicate of "3gprs" APN for "3" operator in APN database
  - Mobile: fixed duplicate of "VZWINTERNET" APN for "Verizon" operator in APN database
  - Mobile: fixed duplicate of "soracom.io" APN for "FL1" operator in APN database
  - Mobile: fixed the USSD message when the network is not responding
  - Mobile: removed voice features for EC25-AFFD module
  - Network: fixed duplicate of "pps" APN for "Zain KW" operator in APN database
  - Network: fixed MTU get from API
  - Static Routes: fixed IPv6 route target validation to accept IPv6 subnet
- Services
  - Bluetooth: fixed service crash when trying to unpair devices
  - DLMS: fixed name validation when adding physical devices
  - IPsec: fixed incorrect status display when multiple instances are configured
  - IPsec: fixed flushing of connection tracking table when compatibility mode is used
  - L2TP: fixed disappearing default route when using mobile interface as the default WAN
  - Mobile Utilities: fixed password validation when enabling SMS rule
  - Modbus Client: fixed rpc crash when calling serial.test method
  - Modbus Server: fixed firewall rule creation
  - Python3: fixed out-of-tree package compilation issue with the SDK
  - SMS Gateway: fixed long HTTP URL formatting in SMS Forwarding to HTTP
  - SMS Utilities: fixed sending messages to short numbers
  - Zerotier: fixed saving configuration when LAN interface has no associated physical interface
- System
  - Access Control: fixed unauthorized errors on interface endpoints
  - Access Control: fixed IP Block configuration when upgrading from previous firmware versions
  - Package Manager: fixed VXLAN package not having link to configuration page
  - Package Manager: fixed restoring packages after firmware upgrade
  - Troubleshoot: fixed scenarios where TCPdump field was not displayed
  - WebUI: fixed issue when sometimes hidden sections with created instances were not displayed
CVE Patches
- CVE-2021-38291
- CVE-2024-6232
- CVE-2024-44070

TRB16_R_00.07.10.3 | 2024.11.08

Fix
- System
  - Update Firmware: fixed firmware size validation

TRB16_R_00.07.10.2 | 2024.11.04

New
- Network
  - Mobile: added "kajeet.gw12.vzwentp" APN for "Verizon" operator to APN database
  - Mobile: added "V5GA01INTERNET" APN for "Verizon" operator to APN database
  - Mobile: added "kajeet.fw5g.vzwentp" APN for "Verizon" operator to APN database
  - Mobile: added "iot.kajeet" APN for "T-Mobile" operator to APN database
  - Mobile: added "iot.tmowholesale.static" APN for "T-Mobile" operator to APN database
  - Mobile: added "iot.tmowholesale" APN for "T-Mobile" operator to APN database
  - Mobile: added "sentinel01.com.attz" APN for "AT&T" operator to APN database
  - Mobile: added "sentinelent01.com.attz" APN for "AT&T" operator to APN database
  - Mobile: added "sentinelnb01.com.attz" APN for "AT&T" operator to APN database
  - Mobile: added "213x.sentinel01.com.attz" APN for "AT&T" operator to APN database
  - Mobile: added "213x.sentinelent01.com.attz" APN for "AT&T" operator to APN database
  - Mobile: added "sentinel-static.mcs" APN for "AT&T" operator to APN database
  - Mobile: added "uscc05016.enterprise3.usc-cdp" APN for "US Cellular" operator to APN database
  - Mobile: added "uscc07009.enterprise3.usc-cdp" APN for "US Cellular" operator to APN database
  - Mobile: added "sentinel.crs.bell.ca.ioe" APN for "Bell Mobility" operator to APN database
  - Mobile: added "kajeet.crs.bell.ca.ioe" APN for "Bell Mobility" operator to APN database
  - Mobile: added "sentinel.apn" APN for "Rogers" operator to APN database
  - Mobile: added "sentinel.vf" APN for "Vodafone" operator to APN database
  - Mobile: added "sentinel.lpwa.vf" APN for "LPWA" operator to APN database
Improvements
- Network
  - Mobile: improved carrier aggregation signal value parsing
Fix
- Network
  - Firewall: fixed bug in NAT rule migration script that would overwrite Port Forwarding rule options
  - Mobile: fixed eSIM profile loading from servers with unusual response

TRB16_R_00.07.10 | 2024.10.10

New
- Network
  - Mobile: added ability to export modem debug and USSD responses to CSV file
  - Mobile: added "hologram" APN for "Hologram" operator
  - Mobile: added "wbdata" APN for "Granite" operator
  - Mobile: added "netw.vp" and "netw2.vp" APNs for "Networth" operator to APN database
  - NAT64: added "jool" package for NAT64 support
- Services
  - AWS IoT Core: added service
  - BACnet: added ability to configure several BIP interfaces, to set network numbers and preconfigure BDT entries for BBMD
  - Console: added service status information display
  - DLMS: added service status information display
  - DNP3 Client: added service status information display
  - DNP3 Outstation: added service status information display
  - Modbus Client: added service status information display
  - Modbus Server: added service status information display
  - Modbus TCP over Serial Gateway: added service status information display
  - MQTT Modbus Gateway: added service status information display
  - OPC UA Client: added service status information display
  - OPC UA Server: added variable "rut_wan_type" which shows if WAN is on a wired or a mobile network
  - OPC UA Server: added service status information display
  - RMS: added SOCKS5 proxy support
- System
  - Certificates: added SCEP certificate generation method
Improvements
- Network
  - Curl: added unix socket support
  - Firewall: added most options to basic mode for all firewall pages
  - Firewall: added all firewall pages to basic mode
  - Interfaces: increased interface metric maximum value from 10000 to 4294967295
  - Mobile: added "flolive.net" APN for "Telecom Italia", "Telefonica O2" and "Telefonica Movistar" operators to APN database
  - Mobile: changed the default APN for IMS protocol from "VZWIMS" to "IMS" for "Verizon" operator
  - Mobile: fixed an issue where the ICCID was not returned correctly when the SIM card's ICCID ended with letters
  - Mobile: improved 5G NSA CA information display
  - Mobile: improved SIM and eSIM management via LPAC service
  - Multi WAN: added rules table to basic mode
  - Static Routes: added page to basic mode
  - VRRP: added page to basic mode
- Services
  - DLMS: added meter COSEM object scanning
  - DNP3 Client: made menu names more consistent
  - IPsec: improved 'Remote endpoint' validation to allow '%any', '%any4', '%any6' values and netmask
  - IPsec: added ability to use certificates from Certificate Manager
  - L2TPv3: added Tunnel ID and Session ID validation to avoid creating multiple tunnels with the same parameters
  - Modbus Client: updated Modbus Client menu position
  - Modbus Server: updated Modbus Server menu position
  - Python3: changed python3-light package libraries
  - SMS Utilities: added an option to enable or disable the return of status code message
  - Tinc: added options to set the tunnel's IP address
  - Tinc: added a port option to listen for incoming connections and the ability to specify a port for outgoing connections
  - Wireguard: added tunnel source mode selection
  - Python3: updated version to 3.11.7
  - Strongswan: updated version to 5.9.14
- System
  - Access Control: refactored 'General', 'Security' and 'PAM' Web pages
  - Auto Reboot: added support for multiple hosts/URLs in Ping/Wget Reboot
  - Backup: encrypting backup does not require 7zip package anymore
  - Certificates: split "Let's Encrypt" certificates into multiple files
  - Troubleshoot: added dynamic routes debugging information
  - WebUI: added ability to open new page in new tab without entering user credentials
  - WebUI: improved SDK example application
  - Glib2: updated version to 2.80.5
  - Kernel: updated version to 5.4.282
  - Ncurses: updated version to 6.5
Fix
- Network
  - Firewall: fixed automatic priority option change
  - Mobile: fixed hang up of QMI WDS service
  - Mobile: fixed QMI errors when multi APN is configured
  - Mobile: fixed typo in "m2m.airinternet.eu" APN for "Airinternet" operator in APN database
  - Network: fixed mobile Bridge/Passthrough mode not working after changing LAN interface settings
  - Network: fixed "LAN to WAN" and "WAN to LAN" button errors
- Services
  - BACnet: fixed communication issues between the ports
  - BACnet: added all available default baud rates
  - BGP: fixed AS field to allow duplicate values
  - BGP: fixed Access list filters not applying fully
  - DLMS: added all available default baud rates
  - DMVPN: fixed DMVPN GRE instance disappearing when creating new IPsec instance
  - DNP3 Client: removed unnecessary max length display for test response field
  - DNP3 Client: renamed TCP Station to TCP Client in the API documentation
  - DNP3 Client: added all available default baud rates
  - DNP3 Outstation: added all available default baud rates
  - GRE: fixed interface not showing up in OSPF and RIP selections if it is off
  - IPsec: fixed IP rule not appearing after network restart
  - IPsec: fixed duplicate port values in IPsec firewall rules
  - Ledman: fixed issue when power LED turns off when rebooting device
  - Modbus Client: added all available default baud rates
  - Modbus Client: added missing API docs for Modbus test request
  - Modbus Server: added all available default baud rates
  - Modbus Server: fixed firewall rule staying enabled when app is disabled
  - Modbus Server: fixed firewall rule creation
  - OpenVPN: fixed the configuration after disabling the use of external services
  - OpenVPN: fixed OpenVPN restarting when mobile interface comes up
  - SNMP: fixed Hotspot OIDs' hssID and hssUsername display
  - Tinc: fixed adding routes to remote subnets
  - Tinc: fixed configuration generation issues when creating multiple network and host instances
  - Tinc: fixed issues with route creation when using IPv6 addresses in tunnel configuration
  - Tinc: fixed validation for uploading key files
- System
  - Backup: fixed uploading backup with memory expansion enabled
  - CLI: fixed some private IPs being incorrectly determined as public
  - JSON-RPC: fixed login "Access Denied" error
  - Update Firmware: fixed occasional device reboot when upgrading FW when "partial modem control" is enabled
  - USB: fixed device detection issue on some Windows systems
  - WebUI: added API required values validation when enabling BACnet, DLMS, DNP3, Modbus, MQTT, NTRIP services
  - WebUI: fixed 'Memory' status card progress bars visuals
  - WebUI: fixed search bar suggestions after removing packages
  - WebUI: fixed showing data in modals for users with only read permissions
  - WebUI: fixed custom SDK pages not loading correctly
CVE Patches
- CVE-2021-3520
- CVE-2021-44540
- CVE-2021-44541
- CVE-2024-4032
- CVE-2024-6119
- CVE-2024-6232
- CVE-2024-6923
- CVE-2024-7264

TRB16_R_00.07.09 | 2024.09.03

New
- Network
  - Devices: added VXLAN support
  - Firewall: added ability to configure NAT rule action
  - Firewall: added additional TTL target for firewall rules
  - Mobile: added "datamobile.ag" APN for "Datamobile.ag" operator to APN database
  - Mobile: added "m2m.ajrinternet.eu" APN for "Airinternet" operator to APN database
  - Mobile: added "wbdata" APN for "Webbing" operator to APN database
  - Mobile: added "inetd.vodafone.iot" APN for "Vodafone" operator to APN database
  - Mobile: added "asm" APN for "ASM" operator to APN database
  - Realtime Traffic: added historical traffic charts
- Services
  - Events Reporting: added new firmware version notification event
  - SNMP: added Multiwan data module
- System
  - WebUI: added notifications menu
Improvements
- Network
  - Mobile: improved network bring up after operator scan
  - Mobile: updated bands selection to include band number and frequency
  - Mobile: improved SIM card notifications to get removed when SIM card state or active SIM changes
  - Mobile: improved modem update notifications to show modem name
  - Mobile: removed the USSD feature from the data-only modems
  - Ports Settings: added more PoE state symbols, colored disabled port differently and improved port status hint
  - Realtime Traffic: improved chart styles
- Services
  - Call Utilities: added check if the number is blocked before doing action
  - Data to Server: added warning messages about insecure certificates for http_certfile and mqtt_certfile options in API and WebUI
  - DLMS: added SHA256 authentication
  - DLMS: improved COSEM group enable validation
  - GRE: reduced GRE keepalive packet buffer size
  - IPsec: added support for route based tunnel
  - L2TP: added field for custom options
  - Mobile Utilities: added Call Utilities support
  - SMPP: added timeout option
  - Web Filter: added hostname count message after successful file upload
- System
  - Access Control: improved system user's access control rules logic
  - Access Control: added option to disable password auth for the root user
  - Administration: improved write/read access control options display to match meniu path style
  - Backup: improved backup page by splitting it into backup and reset settings page
  - Side Widget: added port status widget
  - Update Firmware: changed firmware update log to include firmware version
  - WebUI: updated firmware and backup verification pages design
  - WebUI: improved global alerts display
  - WebUI: added confirmation prompt for disabling service in side widget
  - Kernel: updated version to 5.4.279
Fix
- Network
  - Devices: fixed configured VLAN 0 device cannot be selected in interface physical settings configuration
  - Mobile: fixed data limit widget to show used data for inactive interface
  - Mobile: fixed Bridge/Passthrough modes for routed networks
  - Mobile: fixed incorrect date values when setting SMS limit
  - Mobile: fixed SINR display for EG060K module
  - Mobile: fixed SMS used data header counter
  - Mobile: fixed the issue where the PUK event was not displayed when the SIM PIN was blocked
  - Mobile: fixed uqmi start-network authentication issue
  - Mobile: fixed modem info not being filled on devices with more than one modem
  - Mobile: fixed mobile data limit to calculate correct used limits when using ipv4 and ipv6 simultaneously
  - Mobile: fixed USSD over IMS error handling
  - Mobile: fixed an issue where the interface could hang if the modem was busy
  - Network: fixed incorrect date values when setting data limit
- Services
  - Azure IoT Hub: fixed the Azure IoT Hub deprecated endpoint to create Data to Server sections
  - Azure IoT Hub: fixed the Azure IoT Hub deprecated endpoint so that it does not create sections in GET request
  - Azure IoT Hub: fixed the deletion of Data to Server sections when an Azure IoT Hub section is deleted through the deprecated endpoint
  - DLMS: fixed OBIS code validation
  - Input/Output: added I/O juggler reload when I/O pin direction is changed
  - OPC UA Client: fixed TCL file upload
  - OPC UA Server: fixed TCL file upload
  - OPC UA Server: fixed configuration migration
  - OpenVPN: fixed default firewall zone for tap interfaces
  - SNMP: fixed TELTONIKA-MIB wireless module crash
  - SNMP: fixed mobile network state display
  - SNMP: fixed default hssDwLimit, hssUpLimit, hssDwBandwidth and hssUpBandwidth values
- System
  - API Core: fixed file deletion
  - Package Restore: fixed automatic package re-installation after firmware upgrade
  - Troubleshoot: fixed troubleshoot not including all the log files when log to flash is enabled
  - USB: fixed RNDIS driver detection on Windows systems
  - User Settings: fixed page to show groups and users if the user has been granted access
  - WebUI: fixed overview page to display active wireless (WLAN) clients
CVE Patches
- CVE-2021-32292
- CVE-2022-40617
- CVE-2023-49441
- CVE-2024-0397
- CVE-2024-3596
- CVE-2024-5535
- CVE-2024-8088
- CVE-2024-26669
- CVE-2024-26739
- CVE-2024-26740
- CVE-2024-36901

TRB16_R_00.07.08.2 | 2024.08.12

Fix
- System
  - Update Firmware: fixed inconsistent firmware download from FOTA

TRB16_R_00.07.08.1 | 2024.08.06

Note: This firmware version was removed due to an issue with FOTA firmware download.

Improvements
- Network
  - Mobile: improved firmware downgrade validation for Quectel modules
- Services
  - Zerotier: updated version to 1.14.0
Fix
- Network
  - Mobile: fixed an issue where in some cases mobile network interfaces would not be brought down properly
  - Mobile: fixed memory fault while allowlist and denied data roaming enabled
  - Network: fixed default route not being added for PPPoE connections
- Services
  - OPC UA Client: fixed connections not being closed after using testing functionality
- System
  - WebUI: fixed SDK WebUI package compilation

TRB16_R_00.07.08 | 2024.07.18

Note: This firmware version was removed due to an issue with FOTA firmware download.

New
- Network
  - DNS: added inherited server status to configuration page
  - HTTPS DNS Proxy: added new HTTPS DNS Proxy package to package manager
  - Mobile: added SIM card lock/unlock functionality in Mobile->Utilities page
  - Mobile: added SIM card PIN change functionality in Mobile->Utilities page
  - Mobile: added new Mobile->Limits page which shows information and allows to configure Data and SMS limits
  - Mobile: added DFOTA support for RG520N modems
  - Mobile: added nr-arfcn display to mobile status page
  - Mobile: added dfota support for devices with RG520N-EB modem
- Services
  - Data to Server: added 'Lua script' data input
  - Input/Output: added ability to configure gpio debounce timer and changed default gpio debounce timer value from 200 ms to 10 ms
  - IPsec: added initial XFRM support
  - MQTT Modbus Gateway: added JSON message type format
  - OpenVPN: added DCO support
- System
  - API Core: added option to configure api session timeout
  - Certificates: added "Let's encrypt" certificate generation
  - PAM: added RADIUS external user support
  - UI Core: added data analytics support
  - Update Firmware: added warning message about device being temporarily unreachable on firmware update
Improvements
- Network
  - DNS: separated field "DNS forwardings" into two: one for simple server forwarding other for domain-specific
  - DNS: moved "DNS Forwardings", "Listen interfaces", "Exclude interfaces", "Local service only", options to advanced tab
  - Firewall: improved protocol field in all firewall pages by making that "All" value would be mutually exclusive with any other value
  - Mobile: improved IMS context initialization
  - Mobile: updated SMS memory management for multipart SMS
  - Mobile: added error message when attempting to enable the SIM switch without any criteria set
  - Mobile: added informative message in SIM switch page when Data/SMS limit criteria are enabled but the limits themselves are not set up
  - Mobile: moved operator list allowlist/blocklist selection to Network selection page
  - Mobile: refactored Scanned operators modal, added repeat scan button
  - Mobile: added ability to view previously scanned operators in Network selection and Operator lists pages
  - Mobile: added ability to edit operator list name and initiate scans for operators in Operator lists page
  - Mobile: updated operator code field list to include APNs from the APN database in Operator lists page
  - Mobile: split Mobile->General page into three pages: General, Connection and Utilities pages
  - Mobile: added mobile interface with highest priority APN configuration in Mobile->General page
  - Mobile: added icons with hints which show SIM card, operator, data connection statuses in Mobile->General page
  - Mobile: moved Mobile data limit section to a tab in WAN page
  - Mobile: added informative message in WAN page to indicate whether the connection will be made using APN from APN database, empty or custom APN
  - Mobile: improved logging of ping error messages
  - Mobile: added 5G SA/NSA mode selection
  - Mobile: improved modem updater to stop ping reboot service while update is in progress
  - Mobile: improved the handling of denied messages upon SIM switch
  - Mobile: added notification when a multi-IMSI SIM card is using Auto APN
  - Mobile: added validation to not allow passthrough and bridge mode when one already exists
  - Mobile: improved safeguards for modem services startup
  - Mobile: improved modem update status display
  - Mobile: added corrupted mobile statistics database restoration functionallity
  - Mobile: improved setting of IPv4 and IPv6 types inside the modules
  - Mobile: improved provider name parsing for SLM750 modem
  - Multi WAN: improved interface status representation when using load balancing
  - Network: added more options for "IPv6 assignment length" field
- Services
  - Azure IoT Hub: added DPS symmetric key attestation support
  - Azure IoT Hub: added Direct Method support
  - Azure IoT Hub: added Plug and Play integration
  - Azure IoT Hub: added link to "Data to Server" page
  - Data to Server: added support for multiple filters
  - Data to Server: improved HTTP output hostname definition with automatic protocol specification in URL
  - Data to Server: improved MQTT input connection handling
  - DNP3 Client: added option to enable/disable service
  - GRE: increased Inbound and Outbound key limit to 4294967295
  - Input/Output: added custom name support in I/O status page
  - IPsec: added certificate warning message
  - Mobile Utilities: added interface option to sms_utils cellular command
  - Mobile Utilities: improved error log message
  - Mobile Utilities: improved naming of I/O pins in initial I/O status rule
  - Mobile Utilities: sms utilities authentication brute force prevention
  - Modbus Server: added mobile last month and last week usage registers
  - Mosquitto: added large package size check for MQTT clients
  - MQTT Modbus Gateway: improved mosquitto reconnect time and service will try to recover few times before exiting
  - MQTT Publisher: improved MQTT connection handling
  - OPC UA Client: added security modes
  - OPC UA Server: added security modes
  - OPC UA Server: added service status display
  - OpenVPN: added support for decrypting private key when uploading a configuration file
  - OpenVPN: improved instance status state
  - OpenVPN: added options to specify an IP address pool for dynamic assignment to clients
  - SMPP: added brute-force prevention
  - SMPP: added TLS/SSL support
  - SMS Utilities: added security warning in "Authorization method" configuration
  - SNMP: changed interface module OID structure
  - SNMP: improved User-based Security Model (USM) brute force attack prevention measures
  - SNMP: added power voltage trap support
  - Stunnel: improved global instance settings dependencies
  - emailrelay: updated version to 2.4.1
  - OpenVPN: updated version to 2.6.9
  - stunnel: updated version to 5.72
- System
  - Access Control: added certificate key length warnings
  - Access Control: adjusted access control when all pages are blocked
  - Access Control: added certificate file download for CLI to work on all browsers
  - API Core: implemented functionality to include warning messages for vulnerable certificates
  - Boot: improved modem startup reliability
  - Package Manager: added multi package actions
  - Package Manager: added status filter
  - Package Manager: moved package upload action to main page
  - Package Manager: added links to installed packages pages
  - Package Manager: refactored "Packages" page
  - Package Manager: updated opkg repository link to use https
  - RutOS: improved GPL example page to align with new software architecture
  - Troubleshoot: refactored Modem debug section to display responses in single field, added clear button to remove received responses
  - Troubleshoot: added support for multiple syslog servers
  - UI Core: added additional message with IP address to loading screen for scenarios when redirect to different IP address happens
  - UI Core: added toast message hiding when text is too long
  - Update Firmware: added 'Firmware version' data in screen after firmware upload
  - WebUI: added functionality to cancel loading screen if it takes 30 or more seconds
  - WebUI: removed all ubus method calls from webui
  - WebUI: improved language caching
  - WebUI: added password generator for first login modal
  - WebUI: added sticky position to side menu
  - WebUI: added default password hint to login error message
  - WebUI: added warning messages for low-security certificates
  - Kernel: updated version to 5.4.276
  - libexpat: updated version to 2.6.2
  - SSL/TLS: updated version to 3.0.14
  - vue: updated version to 3.4
Fix
- Network
  - Devices: fixed missing API devices status endpoint permission
  - DHCP: fixed "DHCP option" allow empty input value
  - DHCP: fixed IPv4 leases being not correctly shown when NTP synchronizes time
  - DHCP: fixed DHCP error that occurred after changing the subnet of the LAN IP address in the setup wizard
  - Dynamic routes: fixed duplicated external routes cards
  - Firewall: fixed firewall zone validation when adding interfaces
  - Mobile: fixed low signal reconnect being available on modems where it is not supported
  - Mobile: fixed gsmctl -E output to return only json values
  - Mobile: fixed Carrier Aggregation signal strength info
  - Mobile: fixed wrong mobile data limit used data format for sms messages
  - Mobile: fixed duplicate data connection event reporting
  - Mobile: fixed an issue where low signal notifications were displayed without a SIM card
  - Mobile: fixed modem serial number acquisition after modem reboot
  - Mobile: fixed an issue when 4G-only network type selection may have resulted in a slower connection to the operator
  - Mobile: fixed issue where USSD responses were returned in HEX format instead of text format for EC200A module
  - Mobile: fixed issue where DHCP filter was not set correctly for RG501Q
  - Mobile: fixed modem restart using gsmctl
  - Mobile: fixed an issue where the wrong IP address was used after a DFOTA upgrade
  - Network: fixed overriding MAC address for interfaces that are bridged
  - Network: fixed not getting IP address when switching LAN to WAN
  - Ports Settings: fixed port advertisement change
  - Realtime Traffic: fixed mobile usage by week day translation by device language
  - SQM: fixed missing PPP mobile device selection in SQM configuration
- Services
  - BACnet: fixed incorrect BACnet IP port used for sending responses
  - BGP: fixed route map sequence going out of range
  - BGP: fixed listen range field allowing multiple entries
  - Call Utilities: fixed table header switch to be disabled if no rules were created
  - DLMS: fixed DLMS test response format
  - DLMS: fixed COSEM group validation
  - DLMS: fixed API POST error for /dlms/devices/config endpoint
  - DLMS: fixed serial connection not working after reboot
  - DNP3 Client: fixed to allow reading objects past 255 index
  - DNP3 Client: fixed incorrect hints
  - DNP3 Outstation: fixed serial outstation starting issues
  - I/O Juggler: fixed improper dout action config handling
  - I/O Juggler: updated profile change action
  - Input/Output: allow unselecting all Post/Get access methods
  - Input/Output: fixed issue when onewire configuration is not saved
  - IPsec: fixed connectivity issues when using WAN failover
  - IPsec: fixed the instance status when the local firewall option is disabled
  - Ledman: fixed issue when after some time network type LED starts blinking
  - Modbus Client: fixed test request option validation
  - Modbus Client: fixed alarm output action display values
  - Modbus Client: fixed incorrect period hint
  - Modbus Server: fixed APN register not clearing APN
  - Modbus Server: fixed 148 and 164 modbus registers
  - Modbus Server: fixed incorrect hints
  - OPC UA Server: fixed not starting while modem is down
  - OpenVPN: fixed displaying imported files from device
  - OpenVPN: fixed the private key decryption for cases when a password is used
  - OpenVPN: fixed data cipher migration
  - Overview: fixed issue when devices without WiFi send additional request without data
  - SMPP: fixed username bypass problem
  - SMPP: fixed password validation
  - SMS Gateway: fixed SMS to Email recipient formatting according to RFC5322
  - SNMP: fixed GSM mSignal OID value type
  - SNMP: fixed GSM module memory leaks
  - SSTP: fixed functionality when the default route option is not enabled
  - Web Filter: fixed whitelist not working for some hosts when using IPv6
- System
  - Administration: fixed repeated validation on cleared inputs and added validation when new password matches the old one
  - API Core: fixed API method validation during upload action
  - API Core: fixed error messages for POST method
  - API Core: fixed option list validation
  - Boot: fixed factory settings restore (firstboot) not deleting hidden files
  - Events Log: fixed refresh button in event log table
  - IP Block: fixed adding MAC addresses back to whitelist when unblocking all of them
  - Recipients: made phone number field required
  - Setup Wizard: fixed lan ip step not changing ip address
  - Troubleshoot: fixed system log and kernel log buttons to be enabled with read only rights
  - Update Firmware: fixed misleading "Firmware version" status of "N/A" to "FOTA service is disabled" when FOTA is disabled
  - Update Firmware: fixed issue when infinite spinner appears after updating device firmware from server without having internet connection
CVE Patches
- Patched CVE-2023-52425
- Patched CVE-2023-52530
- Patched CVE-2024-25629
- Patched CVE-2024-28757

TRB16_R_00.07.07.3 | 2024.06.12

Initial firmware release