• March 28, 2024, 02:47:24 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DIR-850L Rev A FW v1.21 Build 07 Official Security Release - All Regions!  (Read 15894 times)

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting

Firmware:   v1.21 B07   11/06//2018 All Regions!
Revision Info: Rev A Only!   

Problems Resolved:
On August 20, 2018,  D-Link was notified and began investigation with coordination froom NCSC-FI regarding a possible security vulnerability on the DIR-850L hardware revision A, that allows an attacker to bypass WiFi encryption and gain internet access via WiFi.

3rd Party Report information
Author: Tuomo Untinen of Synopsys of Finland

Coordination:  National Cyber Security Centre Finland (NCSC-FI)

Public Disclosure: https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2018/haavoittuvuus-2018-026.html

Details
We advise to read the Public Disclosure from the author.

The D-Link DIR-850 wlan router will communicate to client that have not completed full a WPA handshake. The client can communicate with the router with IP packets on Data Frames without encryption. An attacker can join the network provided by the affected router without the required credentials, and mount further attacks to the users of the network.

Known Issues:
None

Enhancements:
None

Get it here:
DIR-850L


Please follow the> FW Update Process to ensure a good FW upgrade is performed.

Let us know how it works for you...


« Last Edit: November 07, 2018, 10:56:32 AM by FurryNutz »
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting

Build 08 is new and available for Rev A.

v2.33. Build O3 is available for DIR-850L Rev B models.

Problems Resolved:
Report: A research report to D-Link has reported multiple routers (DIR-850L A1/B1, DIR-822 C1 and DIR-880L A1) with security vulnerabilities: Authenticated bypass and Authenticated RCE. 3rd Party Researcher: Henry Huang (happyholic1203 at gmail dot com)
1.Authentication bypass
2.Authenticated RCE


Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DIR-850L Rev A FW v1.21 Build 07 Official Security Release - All Regions!
« Reply #2 on: November 02, 2019, 09:04:54 AM »

"This product has been discontinued.
Free support for this product has ended on 08/31/2018."

D-Link’s End-of-Life Policy can be found here: https://support.dlink.com/EndOfLifePolicy.aspx
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.