The Graveyard - Products No Longer Supported > DIR-890L
Firmware 1.20B01 Released - SECURITY PATCH
GreenBay42:
The ZIP file will include 2 firmware files, release notes, and instructions.
Install v1.11B04 first, reboot, then install 1.20b01, reboot. It is recommended to perform a hard reset (paper clip in reset hole for 10 seconds) after updating.
DO NOT SKIP v1.11B04. Updating to 1.20B01 directly will not fix all issues.
Firmware - ftp://FTP2.DLINK.COM/PRODUCTS/DIR-890L/REVA/DIR-890L_REVA_FIRMWARE_PATCH_v1.20B01.zip
Release Notes:
* Add Firmware Protection to BIN file and System
* WAN && LAN - XSS exploit (CVE-2017-14413, CVE-2017-14414, CVE-2017-14415, CVE-2017-14416)
* WAN - Weak Cloud protocol (CVE-2017-14419, CVE-2017-14420)
* WAN && LAN - Stunnel private keys (CVE-2017-14422)
* WAN && LAN - Nonce brute forcing for DNS configuration (CVE-2017-14423)
* Local - Weak files permission and credentials stored in clear text (CVE-2017-14424, CVE-2017-14425, CVE-2017-14426, CVE-2017-14427, CVE-2017-
14428)
* LAN – DoS attack against some daemons (CVE-2017-14430)
* Security fixes to PHP CGI files to mitigate exposing credentials
* Correct stack overflow vulnerability caused by HNAP
samukets:
When I do a hard reset can I use the old settings saved in .bin and load them into the new firmware?
FurryNutz:
I recommend setting up from scratch after doing one more factory reset after the router processes the file. There is a few versions between the last official release version and v1.20. So I would just set up from scratch again then save off a new config to file after everything is set up on v1.20.
--- Quote from: samukets on October 08, 2017, 12:45:07 PM ---When I do a hard reset can I use the old settings saved in .bin and load them into the new firmware?
--- End quote ---
samukets:
Here QOS configs dont save...
FurryNutz:
Huh?
--- Quote from: samukets on October 08, 2017, 01:33:08 PM ---Here QOS configs dont save...
--- End quote ---
Navigation
[0] Message Index
[#] Next page
Go to full version