• December 15, 2017, 01:49:16 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Firmware 1.20B02 Released - SECURITY PATCH  (Read 566 times)

GreenBay42

  • Administrator
  • Level 5 Member
  • *
  • Posts: 527
Firmware 1.20B02 Released - SECURITY PATCH
« on: October 06, 2017, 09:46:54 AM »

The ZIP file will include 2 firmware files, release notes, and instructions.

Install v1.15 first, reboot, then install 1.20b02, reboot. It is recommended to perform a hard reset (paper clip in reset hole for 10 seconds) after updating.

DO NOT SKIP v1.15. Updating to 1.20B02 directly will not fix all issues.


Firmware - ftp://FTP2.DLINK.COM/PRODUCTS/DIR-885L/REVA/DIR-885L_REVA_FIRMWARE_PATCH_v1.20B02.zip


Release Notes:

  • Add Firmware Protection to BIN file and System
  • WAN && LAN - XSS exploit  (CVE-2017-14413, CVE-2017-14414, CVE-2017-14415, CVE-2017-14416)
  • WAN - Weak Cloud protocol  (CVE-2017-14419, CVE-2017-14420)
  • WAN && LAN - Stunnel private keys  (CVE-2017-14422)
  • WAN && LAN - Nonce brute forcing for DNS configuration  (CVE-2017-14423)
  • Local - Weak files permission and credentials stored in clear text  (CVE-2017-14424, CVE-2017-14425, CVE-2017-14426, CVE-2017-14427, CVE-2017-
    14428)
  • LAN – DoS attack against some daemons  (CVE-2017-14430)
  • Security fixes to PHP CGI files to mitigate exposing credentials
  • Correct stack overflow vulnerability caused by HNAP
« Last Edit: October 06, 2017, 11:11:57 AM by GreenBay42 »
Logged

happyhere

  • Level 3 Member
  • ***
  • Posts: 154
Re: Firmware 1.20B02 Released - SECURITY PATCH
« Reply #1 on: November 10, 2017, 10:31:46 PM »


anyone here have applied this new 1.20 firmware?  any feedback or issues?
I am reluctant at the moment as our '885L' is like a prod environment, household will blame me if router becomes unstable :)
Logged

hydra3333

  • Level 2 Member
  • **
  • Posts: 37
Re: Firmware 1.20B02 Released - SECURITY PATCH
« Reply #2 on: November 11, 2017, 02:09:07 AM »

rock solid stable here.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 43913
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: Firmware 1.20B02 Released - SECURITY PATCH
« Reply #3 on: November 11, 2017, 11:37:57 AM »

Let us know if you update. Please fully read the update instructions before updating your router.


anyone here have applied this new 1.20 firmware?  any feedback or issues?
I am reluctant at the moment as our '885L' is like a prod environment, household will blame me if router becomes unstable :)
Logged
Cable:200mb/10Mb>Motorola MB7420>COVR3902>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

happyhere

  • Level 3 Member
  • ***
  • Posts: 154
Re: Firmware 1.20B02 Released - SECURITY PATCH
« Reply #4 on: November 12, 2017, 01:08:01 AM »


yes I will update to 1.20 around December break when I have more days to stay in that home having 885L.
I have read instructions from admin to upgrade to 1.15 before 1.20, will follow that :)

Let us know if you update. Please fully read the update instructions before updating your router.


anyone here have applied this new 1.20 firmware?  any feedback or issues?
I am reluctant at the moment as our '885L' is like a prod environment, household will blame me if router becomes unstable :)
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 43913
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: Firmware 1.20B02 Released - SECURITY PATCH
« Reply #5 on: November 12, 2017, 09:55:49 AM »

 ;)
Logged
Cable:200mb/10Mb>Motorola MB7420>COVR3902>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting