• February 25, 2021, 12:20:20 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: New - DAP-1330 v1.13B01 BETA - Official Security Release  (Read 1537 times)

FurryNutz

  • Poweruser

  • ▲▲
  • *****
  • Posts: 49521
  • D-Link Global Forum Moderator
    • Router Troubleshooting
New - DAP-1330 v1.13B01 BETA - Official Security Release
« on: February 24, 2020, 12:56:24 PM »

Firmware:   v1.13 Build 01 Beta   02/20/2020 WW Region!

Overview

On January 3, 2020, Trend Micro's Zero Day Initiative (ZDI) research team submitted a HNAP Authentication Bypass Vulnerability that is  logic flaw in the implementation of the HNAP login algorithm allowing an attacker to bypass authentication and reset the admin password

The DAP-1330 is a LAN-side WiFi-Extender with only access to the LAN (local area network) that it is connected.

3rd Party Report information
          - Report provided chung96vn - Security Researcher of VinCSS (Member of Vingroup) working with Trend Micro ZDI

          - Reference :

            - CVE-2020-8861

            - ZDI-CAN-9554: D-Link DAP-1330 HNAP Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability

            - Web digitalmunition :: https://bit.ly/2Vb0Jmc
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10155

Revision Info:   
Problems Resolved:
-Fix few issues on Chrome/IE browser.-Fix some IPv6 issue.
-Fix HT20/40 consistence issue.
-Fix potential security issue including WPA2 fixed.
-Fix management issue on Web page.
-ZDI-CAN-9554 - HNAP Authentication Implementation (chung96vn - SecurityResearcher of VinCSS (Member of Vingroup) working with Trend Micro ZeroDay Initiative)

Enhancements:
-Support IPv6.
-Support auto channel on Ethernet mode.
-Improve setup process.
-Disable 11d information.
-Improve Firmware upgrade process.

Get it here:
DAP-1330

NOTE: Follow the>FW Update Process




Logged
Cable: 1Gb/50Mb>NetGear CAX80>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.