D-Link Forums

The Graveyard - Products No Longer Supported => Access Points / Extenders => DAP-1720 => Topic started by: GreenBay42 on August 10, 2018, 10:06:49 AM

Title: DAP-1720 KRACK Firmware v1.10B03 BETA Released
Post by: GreenBay42 on August 10, 2018, 10:06:49 AM

BETA firmware v1.10B03 has been released. This firmware is a security patch for the WPA2 Vulnerability (KRACK).

Firmware - ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DAP-1720/REVA/DAP-1720_REVA_FIRMWARE_PATCH_v1.10B03_BETA.zip (ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DAP-1720/REVA/DAP-1720_REVA_FIRMWARE_PATCH_v1.10B03_BETA.zip)

---

Release Notes:

Problems Resolved:
A WPA2 wireless protocol vulnerability was reported to CERT//CC and public disclosed as: VU#228519 - Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse.

The following CVE IDs have been assigned to VU#228519. These vulnerabilities in the WPA2 protocol:
• CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
• CVE-2017-13078: reinstallation of the group key in the Four-way handshake
• CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
• CVE-2017-13080: reinstallation of the group key in the Group Key handshake
• CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
• CVE-2017-13082: accepting a retransmitted Fast BSS Transition Re-association Request and reinstalling the pairwise key while processing it
• CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
• CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
• CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
• CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

Title: Re: DAP-1720 KRACK Firmware v1.10B03 BETA Released
Post by: jslenterprises on July 30, 2020, 12:07:03 PM

Any idea how to downgrade back to the 1.01 firmware that was not "beta", wifi keeps cutting out every 15 minutes (exactly) when connecting under firmware 1.10 (many devices)

does the emergency firmware recovery method also work for this extender as it does on others (like the older 1665)?

Title: Re: DAP-1720 KRACK Firmware v1.10B03 BETA Released
Post by: FurryNutz on July 30, 2020, 02:34:58 PM

Yes if Recovery mode is supported, use that mode to apply v1.01.
I would contact D-Link support and let them know what your having problems with.