D-Link IP Cameras for Home > DCS-933L

New - DCS-933L Rev A - Firmware v1.14 B11 Comments & Observations

(1/2) > >>

D-Link posted DCS-933L Rev A firmware version,which can be downloaded from Mydlink.com: DCS-933L Rev A  - Firmware v1.14 B11 Download.
Scroll to the right and select the DCS-933L camera.
Or from USA site:
DCS-933L Rev A  - Firmware v1.14 B11 Download.

Problems Fixed
1. Fixed an issue where IP Camera might fail to establish a PPPoE connection if PPP Discovery phase fails.
2. Fixed an issue that Time zone setting for Minsk should be GMT+3.
3. Fixed the “RSA-CRT key leaks” vulnerability.
4. Fixed the “LANDAP stack overflow” vulnerability.
5. Remove the “Arbitrary file upload interface” vulnerability.
6. Fixed vulnerability - Authenticated Arbitrary File Upload with Root Privileges.
7. Fixed vulnerability - Authenticated Root OS Command Injection in File Upload.
8. Fixed an XSS vulnerability - Stored XSS in User Name.
9. Fixed an XSS vulnerability - Reflected XSS in HTTP Host Header.

New Features
1. Upgrade mydlink agent to 2.1.0-b43.
2. The default date and time settings are changed to 2017-01-01, 00:00:00.
3. Updated ActiveX control and Java applet with renewed code-signing certificate.
4. Change the HTTPs self-signed certificate to SHA2 algorithms.
5. Support Mydlink UID mechanism
6. Change the support page hyperlink of Firmware Upgrade web-UI to www.dlink.com.
7. Updated OpenSSL to v1.0.1t.
8. Updated mDNSResponder to 625.41.2.
9. Update the years in the copyright statement for IP Camera’s web-UI to 2016.
10. Add authentication to CGI /config/stream_info.cgi.
11. Offer the password validation on console port. (Console’s Password is synchronized with the admin’s password)

[*]DCS-933L - Firmware Release Notes
[*]Network Cameras - Important Posts & Information
[*]Network Cameras - Beta Firmware Terms and Conditions
[*]Network Cameras - Why Have Multiple Hardware Versions for the Same Model?


Please post your comments and observations as a reply to this thread.

 :)  ;)  :)

Update went well.

Still can't directly access individual pages of the web UI (still getting the "forbidden" message), but at least they didn't block the "referrer" trick when using curl.

I presume directly URL may not be supported any longer. Maybe a security issue they are concerned with.


Someone needs to update the support page at http://support.dlink.com/ProductInfo.aspx?m=DCS-933L  as the latest version there is 1.13.

Rather annoying to go through the process of downloading and installing assuming that someone was actually maintaining that page. If I wasn't on the forums, I'd have kept wasting time trying to upgrade and getting messages that I have to upgrade.

Sometimes D-Link doesn't update the support.dlink.com site and the mydlink.com site is not kept in sync. Users are encouraged to check both sites or check here in the forums as I try to keep the forum users up to date as i check both sites as well.


[0] Message Index

[#] Next page

Go to full version