D-Link Forums

Announcements => Security Advisories => Topic started by: GreenBay42 on August 24, 2018, 07:11:55 AM

Title: DIR-620/620S/620G1A Security Patch Available
Post by: GreenBay42 on August 24, 2018, 07:11:55 AM: Affected Products: DIR-620, DIR-620S, and DIR-620G1A
Hardware Revision: Ax and Ex

Firmware v2.0.22 - ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-620/DIR-620_FIRMWARE_PATCH_2.0.22_RU.zip (ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-620/DIR-620_FIRMWARE_PATCH_2.0.22_RU.zip)

Disclosed by Kaspersky Labs:

1. CVE-2018-6210 - a vulnerability that lets attackers recover Telnet credentials.
2. CVE-2018-6211 - a flaw that lets attackers execute OS commands via one of the admin panel's URL parameters.
3. CVE-2018-6212 - a reflected cross-site scripting (XSS) vulnerability in the router's "Quick Search" admin panel field

SMF 2.0.13 | SMF © 2016, Simple Machines