• June 02, 2020, 02:37:28 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  


This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: New - DCS-933L Rev A - Firmware v1.15 B01 Comments & Observations  (Read 2491 times)


  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 48816
  • D-Link Global Forum Moderator
    • Router Troubleshooting

This update is in regards to >CVE-2019-10999 :: Authenticated Buffer Overflow (Various DCS Cameras)

D-Link posted DCS-933L Rev A firmware version,which can be downloaded from >DCS-933L Rev A  - Firmware v1.15 B01 Download.

Problems Fixed
1. Add CSRF protection for FTP setting.
2. Remove crossdomain.xml to fix a security vulnerability.
3. Fix an issue where sending long password on password field of html page.
4. Fix an issue that when set motion sensitivity to 0%, the motion alarm still occurs.
5. Fix an authenticated buffer overflow vulnerability issue.

New Features
1. Update Mydlink Agent to v2.2.0-b63.
2. The default system time is changed to 2019-01-01.
3. Re-sign the ActiveX plugin with the new certificate
4. Re-sign the Java Applet with the new certificate
5. Re-sign the macOS plugin with the new certificate
6. Support digest authentication for Web UI
7. Upgrade MatrixSSL to v3.9.3
8. Add XSS protection mechanism for CGI command.
9. Change the open source to GPLv2 terms

Please post your comments and observations as a reply to this thread.

 :)  ;)  :)
"Nothing Funny about It...." We are not here to Impress anyone! You have a be a COMPETENT user first to under stand COMPETENT help!