D-Link Forums

Announcements => Security Advisories => Topic started by: GreenBay42 on April 27, 2018, 10:11:10 AM

Title: DCS-5020L - Security Patch v1.15.01 - Authenticated RCE Vulnerability
Post by: GreenBay42 on April 27, 2018, 10:11:10 AM
New firmware available for the DCS-5020L Revision Ax

Firmware - ftp://FTP2.DLINK.COM/PRODUCTS/DCS-5020L/REVA/DCS-5020L_REVA_FIRMWARE_PATCH_v1.15.01.zip (ftp://FTP2.DLINK.COM/PRODUCTS/DCS-5020L/REVA/DCS-5020L_REVA_FIRMWARE_PATCH_v1.15.01.zip)

Release Notes:

Discovered: 1/22/2017 - Tim Carrington ( carrington123_at_hotmail_co_uk )

Problems Resolved:
CVE-2017-17020 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17020) - Authenticated RCE vulnerability

Affected Models:
DCS-5009 H/W   Revision Ax FW 1.08.11 and before    Under Development
DCS-5010 H/W   Revision Ax FW 1.14.09 and before    Under Development
DCS-5020 H/W   Revision Ax FW 1.14.09 and before    Fixed 1.15.01