corniger

Release 5.0.12 (stable): Ethernet: resolved an issue in the Ethernet switch that affected the handling of 802.1Q frames with VLAN ID 0 [SYS-1785] HTTP: disabled HTTP/2 support to mitigate security vulnerabilities, including CVE-2026-49975, related to an HPACK out-of-memory (OOM) attack [NDM-4499] IP: improved the handling of non-exclusive FQDN-based routes when the destination interface is unavailable [NDM-4358] IPv6: fixed the 'ip policy no ipv6 route' command operation [NDM-4467] Mobile: added support for the six-digit PLMN mobile network operator identifier format in the command-line interface [SYS-1773] MWS: fixed the 'the controller DPN document is not accepted' error that occurred when acquiring an extender under certain conditions [NDM-4452] Web: resolved an issue that caused the wrong number of copies to be printed when users printed wireless network information from the mobile view (reported by @dimon27254) NWI-4858

Release 5.1 Beta 4 (preview) MWS: fixed the 'the controller DPN document is not accepted' error that occurred when acquiring an extender under certain conditions [NDM-4452] Web: sorted the client list alphabetically when adding a custom view to the Traffic Monitor page (requested by @dimon27254) [NWI-4827] WireGuard: fixed the 'invalid I1 value' error that occured when importing certain configurations [NDM-4472]

Release 5.1 Beta 3 (preview) Ethernet: resolved an issue in the Ethernet switch that affected the handling of 802.1Q frames with VLAN ID 0 [SYS-1785] Mobile: added support for the newer 6-digit mobile network operator PLMN identifiers [NWI-4838] Web: resolved an issue with the Firewall Rule editor (reported by @spatiumstas) [NWI-4835] Web: resolved the issue with WISP connections to networks that have special characters in their names [NWI-4836]

And if you want not the setting as it is currently implemented (ie to use direct mode KeenDNS name, which at moment works on a system primary connection, be noted - backup connections won't get pointed to until become primary), but actually post a feature request (as per forum section), then there's little chance it is automated. System would have to store certificate issued for IP address (not domain name), which is uncommon and also not secure. sorry I'm not telling more, as simple AI question reveals a bunch of 'why's it is not recommended even from a user point of view. In a case this address is dynamic, for one, router will have to request new certificate and revoke the old one each time the change happens, This is definitely not what your CA provider expects. And if you suddenly get the CG-NAT you instantly lose access (which wouldn't be a problem with KeenDNS solution, as it can automatically fall back to cloud base). I simply had a thought as there was an example above, where protocol is https and address is actually the IPv4 number. this is not how it works, usually Please confirm if you want specifically access via HTTPS protocol using cleartext IP of your router, and if that is the case, then any details you can share may be of help.

If you want to access over your public IPs, though, there's no need to set up anything apart from opening the HTTP access on the Management - Users & Access - Inbound Management Access: apply HTTP + HTTPS. mind that this will not be secure, as you'll be using plain http to open website by its IP address. not recommended in WAN scenario. recommended practice is to use KeenDNS - it has Direct mode where your traffic goes via your IP directly, not using cloud bounce all this is in KB by the way, try support section on the Keenetic website

Release 5.1 Beta 2 (preview) Mobile: enabled the display of signal level, band, downlink and uplink frequency, BSSID, TAC/LAC, and PCI/PSC data, where available during mobile network scans with Hero 5G (KN-4110) devices [NWI-4800] MWS: added support for mobile network scanning with embedded 5G/4G modems on Wi-Fi System Extenders [NWI-4802] MWS: enabled the display of connection details for client devices connected to Wi-Fi System Extenders via Ethernet [NDM-4429] Web: adjusted the height of the list on the Application Traffic Analyser page (reported by @dimon27254) [NWI-4819] Web: resolved the issue that occurred when changing the network port speed on the System Settings page [NWI-4833] Web: updated the Wi-Fi Network Settings editor window to resolve the issue when configuring the WPA Enterprise protection [NWI-4806] Web: fixed the display of the current time in the schedule editor [NWI-4815] Web: resolved the scrolling issue for the mobile view of the Application Traffic Analyser page [NWI-4816] Web: fixed the display of transmitted traffic statistics for unregistered clients on the Client Lists page (reported by @x13) [NWI-4834] Web: fixed the Download Station application operation [NWI-4826] Web: fixed several issues with the Wi-Fi settings (reported by @spatiumstas, @keenet07) [NWI-4813] Web: adjusted the contrast of table elements to improve readability (requested by @spatiumstas) [NWI-4805] Web: removed the unnecessary 'Delete' button from the WireGuard VPN Server connection statistics window in mobile view [NWI-4809] Web: updated the Traffic Monitor card on the Dashboard page for better performance in mobile view [NWI-4779] Wi-Fi: updated the MediaTek Wi-Fi 7 SoC firmware and wireless driver to improve stability, compatibility, and performance in various Wi-Fi operation scenarios [SYS-1772] WireGuard: fixed the issue with multiple connections operation after a device restart (reported by @tkost, @Robespierre) [NDM-4418]

Release 5.0.11 (stable): Mobile: improved mobile modem operation to resolve an issue affecting certain SIM cards [NDM-4424] interface {name} esim disable MWS: resolved the issue where wireless-only segments were missing from extenders under certain conditions [NDM-4420] SSH: fixed an issue that could prevent the session timeout from being applied correctly [NDM-4406] Web: adjusted the height of the list on the Application Traffic Analyser page (reported by @dimon27254) [NWI-4819] Web: fixed the display of the current time in the schedule editor [NWI-4815] Web: resolved the scrolling issue for the mobile view of the Application Traffic Analyser page [NWI-4816] Web: fixed the Download Station application operation [NWI-4826] Web: removed the unnecessary 'Delete' button from the WireGuard VPN Server connection statistics window in mobile view [NWI-4809] Wi-Fi: fixed the 2.4 GHz channel width display on models using MT7628 or MT7603 [SYS-1755] Wi-Fi: updated the MediaTek Wi-Fi 7 SoC firmware and wireless driver to improve stability, compatibility, and performance in various Wi-Fi operation scenarios [SYS-1772] WireGuard: fixed the issue with multiple connections operation after a device restart (reported by @tkost, @Robespierre) [NDM-4418]

Release 5.1 Beta 1 (preview) Web: enabled the option to choose the connection when configuring custom IPv6 DNS servers [NWI-4799] Web: enhanced the Assignment column to better fit larger client device lists in the Application Filter menu (requested by @FLK) [NWI-4781] Web: fixed the navigation to the File Browser from the System Dashboard page in a specific case (reported by @iggo) [NWI-4796] Web: updated the IPv6 section on the Firewall page to allow selection of the OPKG tunnel interfaces (reported by @avn) [NWI-4776] Wi-Fi: fixed the 2.4 GHz channel width display on models using MT7628 or MT7603 [SYS-1755]

Release 5.1 Beta 0.3 IPv6: fixed the web interface operation when IPv6 was turned off with 'system set net.ipv6.conf.all.disable_ipv6 1' command (requested by @gaaronk) [NDM-4303] LTE: reduced the delay when switching between slots of a dual-SIM modem on Hopper 4G+ and Hero 5G models [NDM-4379] PingCheck: fixed the switch to the backup connection with an unconfigured availability check in case the higher-priority connection check fails [NDM-4392] SSH: fixed an issue that could prevent the session timeout from being applied correctly [NDM-4406] Tools: added an option to set the DF (Do Not Fragment) bit in the ping utility via the command line interface [NDM-4391] Web: fixed missing localization in the confirmation dialogue when turning off Wi-Fi (reported by @project_fcc) [NWI-4791] Web: corrected the notification that appears when turning off all access points in the wireless band (requested by @dimon27254) [NWI-4783] Web: fixed an issue where the selected Automatic theme would switch when printing the wireless network information (reported by @dimon27254) [NWI-4773] Web: fixed issues with the wireless roaming settings on the Access Points page (reported by @dimon27254) [NWI-4778] Web: corrected the display of the storage icon at certain screen resolutions (reported by @dimon27254) [NWI-4693] Wi-Fi: fixed a potential crash and memory leak that could occur when connecting to a Wi-Fi 7 network using WPA3-SAE after changing the wireless settings [SYS-1749]

Release 5.0.10 (preview → stable): LTE: reduced the delay when switching between slots of a dual-SIM modem on Hopper 4G+ and Hero 5G models [NDM-4379] OpenSSL: library upgraded to 3.5.6/3.0.20 to address multiple security vulnerabilities [NDM-4402] CVE-2026-28386 CVE-2026-28387 CVE-2026-28388 CVE-2026-28389 CVE-2026-28390 CVE-2026-31789 CVE-2026-31790 Web: corrected the display of the storage icon at certain screen resolutions (reported by @dimon27254) [NWI-4693] Wi-Fi: fixed a potential crash and memory leak that could occur when connecting to a Wi-Fi 7 network using WPA3-SAE after changing the wireless settings [SYS-1749]

Release 5.0.9 (preview): Core: fixed a memory leak in the API parsers for IPv6 addresses and prefixes [NDM-4376] HTTP: addressed the CVE-2026-28753 security vulnerability in the web interface service [NDM-4368] NDNS: fixed the incorrect 403 Forbidden status when accessing the device name in cloud mode over IPv6 [NDM-4378] VLAN: resolved the issue that caused the 'VLAN ID is busy' log messages to appear when adding network segments [NDM-4363] VLAN: fixed the 802.1q egress priority setting for packets with non-zero DSCP mark [NDM-4342] Web: added sorting by name and traffic transmitted to the WireGuard connections list (requested by @Алексей Микин) [NWI-4732] Web: added an option to turn off the WireGuard peer in the 'Connect via' selector [NWI-4756] Web: fixed the Dashboard link to the Active Connections tab in Diagnostics [NWI-4743] Web: fixed the charts display on the Traffic Monitor page [NWI-4758] Web: fixed the reorder operation for connections on the Connection Policies page (reported by @spatiumstas) [NWI-4740] Web: fixed scrolling on the Application Traffic Analyser page [NWI-4726] Web: fixed the partition size display on the Applications page (reported by @spatiumstas) [NWI-4495] Web: fixed the logo font and colour in the header (requested by @dimon27254 et al) [NWI-4771] Web: removed the toggle's own status display (reported by @KeyYerS) [NWI-4742] WSD: corrected the packet format for Probe and Hello messages to fix the reboot issue with NETSurveillance video cameras [NDM-4387]

Release 5.1 Beta 0.2 Core: fixed a memory leak in the API parsers for IPv6 addresses and prefixes [NDM-4376] NDNS: fixed the incorrect 403 Forbidden status when accessing the device name in cloud mode over IPv6 [NDM-4378] Web: restored the Wi-Fi band selection option for registered clients (reported by @Gonzik) [NWI-4774] Web: fixed the logo font and colour in the header (requested by @dimon27254 et al) [NWI-4771] Wi-Fi: restored the ability to configure different SSIDs for 2.4 and 5 GHz in the same segment (reported by @keenet07, @Robespierre) [NDM-4343] WSD: corrected the packet format for Probe and Hello messages to fix the reboot issue with NETSurveillance video cameras [NDM-4387]

Release 5.1 Beta 0.1 HTTP: addressed the CVE-2026-28753 security vulnerability in the web interface service [NDM-4368] MWS: added support for eSIM, SMS, and USSD operations on embedded 5G/4G modems for Wi-Fi System extenders [NWI-4738] NTCE: turned off the display of application traffic statistics by default for models with RAM sizes less than 256 MB [NDM-4367] VLAN: resolved the issue that caused the 'VLAN ID is busy' log messages to appear when adding network segments [NDM-4363] Web: enhanced the Client Lists page to display information on the client device's currently used connection policy, traffic sent and received, and IPv6 addresses [NWI-4707] Web: added sorting by name and traffic transmitted to the WireGuard connections list (requested by @Алексей Микин) [NWI-4732] Web: implemented the primary SIM fallback control support for models with embedded dual-SIM modem [NWI-4755] Web: added a dedicated wireless networks configuration page [NWI-4675] Wi-Fi: updated protection from attacks on client isolation feature, such as AirSnitch [SYS-1725]

Release 5.1 Alpha 7 AFP: removed support for the obsolete Apple Filing Protocol® (AFP) in favour of SMB file sharing [NDM-4352] DNS: enhanced the retrieval of cached name resolution responses to ensure proper functionality of FQDN-based routes (reported by @dimon27254) [NDM-4305] DynDNS: fixed the 'domain must be filled for custom type' error preventing operation with custom servers (reported by @snark) [NDM-4341] VLAN: fixed the 802.1q egress priority setting for packets with non-zero DSCP mark [NDM-4342] Web: added an option to turn off the WireGuard peer in the 'Connect via' selector [NWI-4756] Web: fixed the Dashboard link to the Active Connections tab in Diagnostics [NWI-4743] Web: fixed the charts display on the Traffic Monitor page [NWI-4758] Web: fixed the order of traffic download and upload values on the Internet card [NWI-4746] Web: fixed the reorder operation for connections on the Connection Policies page (reported by @spatiumstas) [NWI-4740] Web: fixed scrolling on the Application Traffic Analyser page [NWI-4726] Web: fixed the SFP port information display on the Dashboard page (reported by @Ваджио) [NWI-4749] Web: fixed the partition size display on the Applications page (reported by @spatiumstas) [NWI-4495] Web: removed the toggle's own status display (reported by @KeyYerS) [NWI-4742]

Release 5.0.8 (preview): Web: fixed the management port number setting [NWI-4747] Web: improved the port forwarding rule management buttons for the mobile view of the registered client settings (reported by @dimon27254) [NWI-4672] Web: corrected the sorting of clients by IP address in the client lists (reported by @dimon27254) [NWI-4677] Web: corrected the free SMS memory display for certain modem models [NWI-4692] Web: fixed the cog icon hover on the dashboard in dark theme (reported by @spatiumstas) [NWI-4712] Web: fixed the automatic update of the active connections display (reported by @mega1volt) [NWI-4713] Web: corrected the language set reset upon manual update [NWI-4703] Web: fixed the tooltip display at the right edge of the Wi-Fi Monitor graph for wider screens (reported by @keenet07) [NWI-4717] Web: fixed excessive polling of the Captive Portal service (reported by @spatiumstas) [NWI-4368] WSD: confined Hello messages by the Bridge0 interface by default [NDM-4314] Wi-Fi: fixed the handler for turning wireless on and off on devices with a single hardware button [NDM-4326] WSD: modified the Hello message format to resolve the reboot issue for certain IP cameras (reported by @dimon27254) [NDM-4331] IPsec: fixed the blocking of the inter-process communication socket [NDM-4332] IP: corrected the flushing of sessions that utilize the FQDN-based route [NDM-4336]