• June 23, 2018, 04:11:42 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DNR-202L - Firmware Security Patch v2.05.01 Released  (Read 1425 times)

GreenBay42

  • Administrator
  • Level 6 Member
  • *
  • Posts: 994
DNR-202L - Firmware Security Patch v2.05.01 Released
« on: November 22, 2017, 09:00:59 AM »

A firmware patch has been released.

Firmware --> ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DNR-202L/REVA/DNR-202L_REVA_FIRMWARE_PATCH_v2.05.01.zip

Release Notes:

Vulnerability ID: CVE-2012-5958   

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.
Logged

nukemedic

  • Level 1 Member
  • *
  • Posts: 2
Re: DNR-202L - Firmware Security Patch v2.05.01 Released
« Reply #1 on: December 23, 2017, 07:15:34 AM »

Glad to hear that security is being maintained. 

But I noticed that the button and tab descriptions all seem incorrect now - looks like variable names are being used instead of labels?
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 45175
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: DNR-202L - Firmware Security Patch v2.05.01 Released
« Reply #2 on: December 23, 2017, 10:26:07 AM »

Please give a example of what your seeing or screen capture please.
Adding Screenshots In A Post

What browser are you using?

Glad to hear that security is being maintained. 

But I noticed that the button and tab descriptions all seem incorrect now - looks like variable names are being used instead of labels?
Logged
Cable:200mb/10Mb>Motorola MB7420>COVR3902>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

nukemedic

  • Level 1 Member
  • *
  • Posts: 2
Re: DNR-202L - Firmware Security Patch v2.05.01 Released
« Reply #3 on: December 24, 2017, 04:36:40 AM »

latest safari on mac running sierra (not high sierra yet)

this is the first page, all pages are like this, settings pages even worse

Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 45175
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: DNR-202L - Firmware Security Patch v2.05.01 Released
« Reply #4 on: December 24, 2017, 10:46:50 AM »

Ok, I can confirm this as well:


Grammer Check:


Seen in both Safari and FF ESR (v52)

I'll pass this one to D-Link for review.

« Last Edit: December 24, 2017, 10:48:46 AM by FurryNutz »
Logged
Cable:200mb/10Mb>Motorola MB7420>COVR3902>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

RYAT3

  • Level 10 Member
  • *****
  • Posts: 2110
Re: DNR-202L - Firmware Security Patch v2.05.01 Released
« Reply #5 on: December 30, 2017, 02:04:50 PM »

Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 45175
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: DNR-202L - Firmware Security Patch v2.05.01 Released
« Reply #6 on: December 30, 2017, 02:11:02 PM »

There are a few UI issues i've found. I've passed this long to D-Link for review. I presume they will have a look at this Monday.

If you need too, you could revert back to v2.04. I presume this issue will take some time before we see a fixed release.  ::)

Are your months there?

https://www.screencast.com/t/lAqGr2xzx
Logged
Cable:200mb/10Mb>Motorola MB7420>COVR3902>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

RYAT3

  • Level 10 Member
  • *****
  • Posts: 2110
Re: DNR-202L - Firmware Security Patch v2.05.01 Released
« Reply #7 on: December 30, 2017, 04:04:30 PM »

There are a few UI issues i've found. I've passed this long to D-Link for review. I presume they will have a look at this Monday.

If you need too, you could revert back to v2.04. I presume this issue will take some time before we see a fixed release.  ::)

Are your months there?

https://www.screencast.com/t/lAqGr2xzx

2.04.03 is where it started for me.

I'm curious on your mac, specifically:  Are your months missing in playback?

Have you tried to reinstall 2.05?
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 45175
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: DNR-202L - Firmware Security Patch v2.05.01 Released
« Reply #8 on: January 02, 2018, 10:08:35 AM »

Looks like this issue was reproduced at D-Link and is now under review for fix. Hopefully soon. Please be patient.  ;)
Logged
Cable:200mb/10Mb>Motorola MB7420>COVR3902>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting