D-Link Forums

The Graveyard - Products No Longer Supported => Routers / COVR => DIR-655 => Topic started by: FurryNutz on January 17, 2019, 07:31:12 AM

Title: DIR-655 Rev C Only v3.02 Build 05 Beta 03 FW Security Release
Post by: FurryNutz on January 17, 2019, 07:31:12 AM
Firmware: v3.02 Build 05 Beta 03   01/17/2019 NA Region Only!

Release Notes
Problems:
We have uncovered several critical flaws in the D-Link DIR-655 consumer grade router. In conjunction these issues allow an attacker to remotely take control of a user's device if they visit a malicious webpage.

The issues are as follows:
● Command injection via device configuration setting
● Setup wizard can be used to reset password to default
● Cross-site request forgery
● Multiple reflected cross-site scripting issues

Joel St. John
Security Consultant
NCC Group

Enhancements:
None

Get it here: Select Rev C from the drop down menu.
DIR-655 Rev C (https://support.dlink.com/ProductInfo.aspx?m=DIR-655)

Follow this for updating:
FW Update Process (http://forums.dlink.com/index.php?topic=42457.0)

Let us know how it works for you...
Title: Re: DIR-655 Rev C Only v3.02 Build 05 Beta 03 FW Security Release
Post by: FurryNutz on January 26, 2019, 03:15:33 PM
So wanted to test to see what actual WAN To LAN speeds are for the Rev C and this version of FW.
This is with QoS, TS and True Gigabit Routing disabled:
BPS=530,737,024
  0: 46,488,357 (371,906,856 bps)
  1: 66,511,787 (532,094,296 bps)
  2: 66,976,737 (535,813,896 bps)
  3: 65,379,002 (523,032,016 bps)
  4: 66,734,472 (533,875,776 bps)
  5: 65,465,179 (523,721,432 bps)
  6: 66,503,397 (532,027,176 bps)
  7: 66,448,031 (531,584,248 bps)
  8: 66,084,879 (528,679,032 bps)
  9: 66,984,711 (535,877,688 bps)
 10: 67,167,528 (537,340,224 bps)
 11: 66,705,545 (533,644,360 bps)
 12: 67,268,472 (538,147,776 bps)
 13: 65,225,166 (521,801,328 bps)
 14: 66,597,340 (532,778,720 bps)
 15: 66,486,703 (531,893,624 bps)
 16: 65,779,508 (526,236,064 bps)
 17: 66,241,101 (529,928,808 bps)
 18: 65,960,850 (527,686,800 bps)
 19: 66,090,152 (528,721,216 bps)
RWIN=1460000
RTT=1.318 ms
BDP=8,423,431,966 bps

Looks like 500Mb+ speeds are it's max.

This is with True Gigabit Routing enabled.  :o
BPS=275,303,880
  0: 32,756,306 (262,050,448 bps)
  1: 33,937,633 (271,501,064 bps)
  2: 34,123,057 (272,984,456 bps)
  3: 34,340,543 (274,724,344 bps)
  4: 34,127,122 (273,016,976 bps)
  5: 34,299,138 (274,393,104 bps)
  6: 34,234,184 (273,873,472 bps)
  7: 34,161,776 (273,294,208 bps)
  8: 34,467,918 (275,743,344 bps)
  9: 34,295,283 (274,362,264 bps)
 10: 34,560,925 (276,487,400 bps)
 11: 34,235,117 (273,880,936 bps)
 12: 34,208,481 (273,667,848 bps)
 13: 34,415,645 (275,325,160 bps)
 14: 34,266,814 (274,134,512 bps)
 15: 34,531,351 (276,250,808 bps)
 16: 34,545,908 (276,367,264 bps)
 17: 34,598,716 (276,789,728 bps)
 18: 35,983,081 (287,864,648 bps)
 19: 34,514,206 (276,113,648 bps)
RWIN=1460000
RTT=1.266 ms
BDP=8,769,418,114 bps

I don't know what D-Links intended design of TGR was, however seems to be slower than expected.  :-\