RPS, Technical information, IT-HIST-NETMAN208 -108.
--------------------------------------------------------------------------------
Subject: Firmware history for systems NETMAN 208.
M. Marcon, Date: 23/12/25
--------------------------------------------------------------------------------
Modification category:
S=security
N=new feature
I=improvement
B=bug fix
C=critical bug fix
T=technical
--------------------------------------------------------------------------------
FW108-0112.zip: fw108-0112.app208   [23/12/25] MD5: see attached JSON

S  - Fix for unauthenticated SQL injection during login web
S  - Fix for remote command execution via arbitrary file upload
S  - Fix for Stored cross-site-scripting bug with banner section
B  - Event Log download file / Fix for correct 'eventlog.csv' filename downloaded
B  - Modbus internal pool logic fix

--------------------------------------------------------------------------------
FW108-0111.zip: fw108-0111.app208   [07/07/25] MD5: see attached JSON

S  - CVE fix for Linux system image (CVE-2025-26465, CVE-2025-32728, 
     CVE-2017-3145, CVE-2018-5738, CVE-2018-5740, CVE-2018-5743, CVE-2018-5744,
     CVE-2015-20107, CVE-2017-3143, CVE-2018-5741, CVE-2018-5745, CVE-2016-3709,
     ... +minor severities)
S  - CVE fix for Web pages modules (CVE-2021-23445, CVE-2020-28458,
     CVE-2019-8331, CVE-2018-20677, CVE-2018-20676, CVE-2018-14042,
     CVE-2018-14040, CVE-2016-10735)
S  - Internal improvements for firmware updated security
I  - Improved compatibility with a specific Nagios plugin
B  - MODBus app version register did not respond correctly
B  - MODBus sensors values were incorrect in some circumstances
B  - Sensors digital output was managed incorrectly in some circumstances
T  - When Riello Connect service is enabled, the Datalog service is also enabled
     because the former requires the latter
T  - MPW can now have Datalog service enabled
T  - Updated build scripts

***************************
After the FW SYS 1.5 update:

 - “CONFIGURATION -> “NETWORK”
please click to “SAVE” button in the Web page for applying Network settings

 - “CONFIGURATION” -> “DATE & TIME” -> “NTP & Timezone”:
if user has set a Timezone and/or a NTP Server, please click to “SAVE” button in the Web page for applying Date/time NTP settings
***************************

--------------------------------------------------------------------------------
FW108-0110.zip: fw108-0110.app208   [03/06/25] MD5: see attached JSON

S  - [CVE-1999-0524] ICMP Timestamp reply mitigation
I  - [WISH-218] Added a configurable name on the sensors and now sensors are referenced by name on Web pages and emails
I  - Added GPSER commands RDB and RDP for newer modular UPSs and published the values over MODBus protocol
I  - Optimized SNMP device and vendor name for some hardware configurations
I  - Added new command Serial Number on SENTR devices
I  - Email event on battery now includes the remaining battery autonomy
I  - Strength improvement of login process
I  - Passwords can be shown by request of User (mouse click over EYE symbol)
I  - Optimized NTP configuration with reduced requests to external unwanted servers
B  - [RULC-01619] Fix email report showed incorrect nominal data on some circumstances
B  - [BUG-215] Fix for Backslash "\" char read as escape char in configuration parameters (old SAMAccount Windows server format), for example for VMWare service
B  - [BUG-214] Fix RielloConnect service no longer show "Network problem" status while starting: now shows "Starting" state
B  - [BUG-174] Fix UPS shutdown action at the end of SSH client was not correctly performed
B  - [BUG-212] Fix Test email was not sent if no events are enabled
B  - [BUG-027] [BUG-026] Fixed the factory reset action didn't reset completely the network configuration
B  - Fix sensors IDs were incorrectly managed on some circumstances
B  - Fix on some circumstances the NTP server configuration might not be updated
T  - Cleaning Service Log unwanted files
T  - NTP configuration file added to Service Log

--------------------------------------------------------------------------------
FW108-0108.zip: fw108-0108.app208   [21/03/25] MD5: see attached JSON

N  - Added connectivity check
I  - Added support to D/D and D/O GPSER commands
I  - Improved MODBus protocol with values from D/D and D/O
I  - Login and password logic improved with stronger password recovery
I  - Email sent for too many failed login attempts
I  - Email sent for sensor notification
I  - Several web improvements
B  - Fix MODBus value OUTPUT POWER VA for GPSER
B  - Fix mac address for S/A command

--------------------------------------------------------------------------------
FW108-0107.zip: fw108-0107.app208   [14/10/24] MD5: see attached JSON

I  - Implementation of HTTPS Test certificate
I  - View HTTPS Certificate improvement
I  - several web improvements
I  - Improvements to JSON TRAP
I  - Password Strength advice visible as colors Red,Orange,Green in some password fields
I  - Added enhanced reading and writing capabilities to MODBUS for some UPS devices
I  - Improved management of some GPSER families
B  - FTP settings was not correct under some circumstances
B  - Fix for LDAP problem with AD (optimized with direct search, avoiding AD limit of 1000 results)
B  - Fix BUG-045 (UPS shutdown after ssh client reboot)
B  - Fix time synchronization with some UPS models
B  - Fix Datalog for RielloConnect service

--------------------------------------------------------------------------------
FW108-0106.zip: fw108-0106.app208   [09/09/24] MD5: see attached JSON

N  - Internet Connectivity Check test via Web page
N  - Warning when Local user "Admin" has the default password (suggestion to change it)
N  - View of  Network Active Connections
I  - GMI mode added for type 0 and type 1
I  - Added UDP commands On Bypass and On Inverter
I  - RESET PASSWORD from SERVICE now improved with more security: the old algorithm has been replaced by a Key enchipered method
I  - HTTP Web page request is redirected to HTTPS if HTTPS is enabled
I  - Added POWER and VIEW user roles configurable (only by ADMIN user)
I  - Cookies strenghted (Httponly / SameSite / Secure)
I  - HTTPS Web with IPv6 (if enabled)
I  - Web Browser Engined strenghted (X-Frame)
I  - Web Input fields checked and strenghted
I  - Introduction of Login Failed mechanism with user locking mechanism for LOCAL and LDAP users
I  - LOCAL users passwords with custom complexity rules
I  - Expert Shell now in Web browser
I  - Web browser improvement
I  - JSON License file upload via Web
I  - Message to enable Datalog if disabled
I  - Bacnet address extended to maximum
I  - Web pages security access improved
I  - Email for environmental sensors can now be configured
I  - Improved email alarm text
I  - Improved security
I  - User logs more detailed
B  - Fix BUG-138
B  - Input-output position were previously reversed for SNMP/BACNET
B  - Nutanix connection did not manage correctly the change of SSH hosts
B  - Sensors web page behaviour fixed
B  - Environmental sensor output was reversed
B  - Fixed sensors communication issues that occurred on some boards
B  - Astarte reset didn't work correctly
B  - Fixed a memory leak condition
T  - Bacnet IP address field removed (not used)
T  - Improved temporary file writing
T  - Automated reboot on critical /tmp conditions
T  - Better management of input current for some UPS models

--------------------------------------------------------------------------------
FW108-0105.zip: fw108-0105.app208   [14/03/24] MD5: see attached JSON

I  - User logs more detailed
B  - The UPS could be incorrectly shutdown by means of scanning software
T  - Version name was incorrectly managed

--------------------------------------------------------------------------------
FW108-0104.zip: fw108-0104.app208   [05/12/23] MD5: see attached JSON

N  - Added support to RielloConnect service
N  - Added support to 802.1X networks
I  - Added support to compatible environmental sensors
I  - Improved certificate management for LDAP, HTTPS and 802.1X
I  - Improved MODBus table by adding support to more flags
I  - Improved serial autobauding for newer devices
I  - Several web page improvements
B  - DNS configuration
B  - Fixed SMS messaging, previously didn't work correctly
B  - Fixed LED blinking logic
B  - BACNet port is now correctly managed
B  - SSH client service could stop working in some circumstances
T  - Added support to MP2, M2S, M2X, M2U
T  - Improved code quality
T  - Improved internal logs

--------------------------------------------------------------------------------
FW108-0103.zip: fw108-0103.app208   [02/08/23] MD5: see attached JSON

I  - The web page now always show the last 5 entries of the event log
I  - The web page now always show the current date and time
I  - Web firewall page now accepts subnets
I  - Web pages improvements and fixes
B  - On some circumstances Nutanix service would not start
T  - Added recovery version to the JSON

--------------------------------------------------------------------------------
FW108-0102.zip: fw108-0102.app208   [20/06/23] MD5: see attached JSON

B  - Syslog service wasn’t working correctly
B  - LDAP login wasn’t working correctly on some circumstances
B  - The password recovery wasn’t working correctly
B  - The ESXi vCenter Server Appliance (VCSA) on some circumstances would not
     perform the configured turning on after system shutdown
B  - On some circumstances the data log download would fail
B  - On some circumstances SNMP Traps could be sent also with the selection flag
     disabled
B  - The Netman 208 update available notification wasn’t working correctly
B  - The configuration of the time zone would stall indefinitely
I  - Many performances improvements, text changes and code optimizations

--------------------------------------------------------------------------------
FW108-0101.zip: fw108-0101.app208   [29/03/23] MD5: see attached JSON

First release

--------------------------------------------------------------------------------
