SG 5 Update #17
Note:
- It is recommended to reboot the gateway (via Admin GUI or CLI) after applying this update in order for some of the fixes to apply, namely the CVE-2026-31431 vulnerability fix and the network performance tuning.
- This update comes with HA-specific features:
- This update will apply automatically to the connected HA peer if the peer is already at 16 or 17 update level.
- If the connected peer’s update level is lower than 16 or higher than 18, the update will abort prematurely and not apply anything on either machine.
This update includes the following enhancements:
- Add Microsoft Graph API support for sending email
- Allows a static destination-based route out Management Port or one of the WAN links to specify its source IP behaviour:
- Use Floating IP,
- Selecting this allows packets following this static route out the specified interface to pick up the floating IP as the source IP
- Note: if floating IP is disabled, this route will not be brought up.
- Selecting this allows packets following this static route out the specified interface to pick up the floating IP as the source IP
- Use Physical IP, or
- Default (will use physical IP, even in the presence of floating IP)
- Use Floating IP,
- SMPP Settings GUI enhanced to allow configuration of more fields that are sent to the configured SMPP server
- New fields added: Source/Destination Type of Number (TON) and Numbering Plan Identification (NPI)
- PMS enhancement:
- Cybersource – Logs API messages inside PHP log (/log/php/php.log) for enhanced troubleshooting
- Security enhancements:
- Prevents various kernel vulnerabilities: CVE-2026-43284, CVE-2026-43500, CVE-2026-46300, CVE-2026-31431, CVE-2026-31635
- Web server enhancements:
- Improved stability
- Resolved some vulnerabilities: CVE-2026-42945, CVE-2026-49975
- Network performance tuning
- Set RX/TX ring buffer size of LAN and WAN network ports to the maximum values allowed by the hardware
- Client Manager update for improved ARP responsiveness in the rare situation where database becomes sluggish
This update contains the following fixes:
- Networking-related fixes:
- Fixed network device’s permanent ARP entry not being brought up when its associated WAN interface is brought down and then up
- Fixed some static routes not being brought up when interface is brought up, e.g. upon system power-up
- Moved unauthenticated users to a dedicated QoS tier enjoying the full bandwidth allowed by the gateway. This resolved the issue where unauthenticated users are not getting landing page when the None QoS tier is already heavily utilized by authenticated users.
- Fixed downstream users in a QoS class (with no per-client/account rate limit) experiencing slowness when there are many users in the same QoS class
- Fixes for downstream authentication:
- Fixed MAC-blocked device gaining internet access under an auto-login location
- Shiji PMS – Resolved the issue where guest info retrieval fails, returning an “Invalid filter syntax” error
- Admin GUI fixes:
- Fixed load-balancer monitor page not showing weight and other data in the right order
- Fixed not being able to disable an existing user account
- Fixed port forwarding editor panel always showing LAN NO VLAN for an existing port forwarding rule that is not going through LAN NO VLAN
- Fixed date search for various listing pages: accounts, device monitor, device log, credit card log, admin audit log.
- Added admin audit trail for editing of WAN Firewall rules
- Resolved the issue where adding a pre-existing static route that is not through LAN caused the interface selection to toggle to LAN in the response page
- Fixed not being able to clean up session log entries when there are a huge number of them
- Fixed not being able to retrieve software version information from HA peer when HA peer is under certain SSH load.
- This resolved the issue where ASP wrongly determined that there was software version mismatch between the HA nodes and sent out notification emails.
- Fixed a rare problem where lawful intercept did not start logging upon service start
- Fixed malformed SMPP packet sent out by the gateway
- Fixed GUI-triggered Change HA ID causing the machine to get stuck in the passive mode
Package name: 17.SG5000_base-sys-bulk08-20260430-01.pkg
MD5 checksum: 69ae7a7081ca5d03b3853e64b7ee44e4 (updated 6 Jul)
File size: 130 MB
Release date: 2 July 2026
