On October 16th, researchers disclosed security vulnerabilities in the widely used standard for Wi-Fi security WPA2 (Wi-Fi Protected Access II) that make it possible for attackers to eavesdrop on Wi-Fi traffic. D-Link has immediately taken actions to investigate this matter. This security concern appears to be an industry-wide issue that will require firmware patches to be provided from the relevant semiconductor chipset manufacturers.

 

D-Link has requested assistance from the chipset manufacturers. As soon as the firmware patches are received from the chipset manufacturers, we will post them on our websites immediately. Please take the following important actions to help protect your privacy:

 

1. Is highly recommended to use encrypted communications protocols such as VPN or HTTPS, especially when delivering confidential information.

2. Check our website regularly for the newest firmware updates.

 

[Update 10/23/17 for products sold in US]

 

Associated CVE IDs for CERT/CC VU number: VU#228519

CVE-2017-13077

CVE-2017-13078

CVE-2017-13079

CVE-2017-13080

CVE-2017-13081

CVE-2017-13082


The WPA2 protocol is ubiquitous in wireless networking. The vulnerabilities described are in the standard requiring a broad product-line and industry correction. Users are encouraged to install updates to affected products and hosts as they are available. For information about a specific product, check the table. Note that the table list below is not exhaustive, and we recommend to check back frequently over the next 30 days.


These WPA-2 vulnerabilities affect the following (US products):

 

mydlink Cameras:

 

Model Ver. Patch Release Final Release

DCS-2132L A1  

DCS-2132L B1  

DCS-2136L A1  

DCS-2230L A1  

DCS-2330L A1  

DCS-2332L A1  

DCS-2530L A2  

DCS-2630L A2  

DCS-2670L A1  

DCS-5009L A1  

DCS-5010L A1  

DCS-5020L A1  

DCS-5029L A2  

DCS-5030L A1  

DCS-5222L A3  

DCS-5222L B2  

DCS-700L A1  

DCS-8000LH A1  

DCS-800L A1  

DCS-8200LH A1  

DCS-820L A1  

DCS-825L A1  

DCS-850L A1  

DCS-855L A1  

DCS-930L A3  

DCS-930L B2  

DCS-931L A1  

DCS-932L A1  

DCS-932L B2  

DCS-933L A1  

DCS-935L A1  

DCS-936L A1  

DCS-942L A3  

DCS-942L B1  

DCS-960L A1  

DSH-C310 A1  

 

COVR WiFi System:

 

Model Ver. Patch Release Final Release

COVR-3902-US A1  

COVR-1300E A1  

 

W-Fi Routers :

 

Model Ver. Patch Release Final Release

DIR-813 A1  

DIR-816 A1/A2 11/14/17  

DIR-827 A1  

DIR-850L A1  

DIR-850L A1 11/22/17  

DIR-850L B1 11/30/17  

DIR-850L B1 11/02/17  

DIR-859 A3  

DIR-859 A3  

DIR-865L A1  

DIR-865L A1  

DIR-867 A1  

DIR-868L A1  

DIR-868L A1 11/09/17  

DIR-869 A1  

DIR-878 A1  

DIR-878 A1  

DIR-879 A1  

DIR-880L A1 11/17/17  

DIR-880L A1/A2  

DIR-880L A2 12/21/17  

DIR-882 A1  

DIR-882 A1  

DIR-885L A1 12/05/17  

DIR-885L A2  

DIR-895L A1 11/27/17  

DIR-895L A1 12/13/17  

DIR-895L A2  

DIR-895L A3  

 

 

WiFi Range Extenders:

 

Model Ver. Patch Release Final Release

DAP-1320 A1 11/27/17  

DAP-1320 B1 11/27/17  

DAP-1320 C1 11/14/17  

DAP-1330 A1  

DAP-1360 A1 11/21/17  

DAP-1360 C2  

DAP-1520 A1 11/17/17  

DAP-1620 A1/A2 11/16/17  

DAP-1650 A1/A2 12/18/17  

DAP-1665 A1/A2  

DAP-1665 B1 01/09/18  

DAP-1720 A1 12/08/17  

DAP-1860 A1 11/10/17  

DAP-2330 Ax 12/11/17 Jan-18

DAP-2360 Bx 11/23/17 Dec-17

DAP-2553 Bx 12/27/17 Jan-18

DAP-2610 Ax 11/20/17 Dec-17

DAP-2660 Ax 11/13/17 Dec-17

DAP-2690 Bx 01/03/18 Feb-17

DAP-2695 Ax 12/06/17 Jan-18

DAP-3320 Ax 12/19/17 Jan-18

DAP-3662 Ax 12/14/17 Jan-18

 

Unified Wireless System Access Points

 

     Important Note for Owners:

 

      In default configuration the unified wireless system products are NOT AFFECTED.

     ONLY If the Wireless Distribution System (WDS) feature is ENABLED will make this ecosystem vulnerable and Affected.

 

     Recommendation: We recommend to disable WDS until patches are made available.

 

Model Ver. Patch Release Final Release Notes

DWL-3610AP A1 Not Affected if WDS Disabled / Affected if WDS Enabled

DWL-6610AP A1 Not Affected if WDS Disabled / Affected if WDS Enabled

DWL-6610AP B1 Not Affected if WDS Disabled / Affected if WDS Enabled

DWL-6610APE B1 Not Affected if WDS Disabled / Affected if WDS Enabled

DWL-8610AP Ax Not Affected if WDS Disabled / Affected if WDS Enabled

DWL-8710AP A1 Not Affected if WDS Disabled / Affected if WDS Enabled

 

 

WiFi Adapters:

 

Model Ver. Patch Release Final Release

DWA-125 D1 11/30/17  

DWA-130 F1 11/28/17  

DWA-131 E1  

DWA-140 D1 11/28/17  

DWA-160 C1  

DWA-171 A1 11/24/17  

DWA-182 C1 11/24/17  

DWA-182 D1 11/30/17  

 

Mobile / WLAN Routers:

 

Model Ver. Patch Release Final Release

DIR-506L A1  

 

Power-Line Networking:

 

Model Ver. Patch Release Final Release

DHP-W310AV C1 11/28/17 Dec-17

DHP-W610AV A1 12/15/17 Dec-17

DHP-W610AV B1 11/10/17 Nov-17

 

Smart Home Products:

 

Model Ver. Patch Release Final Release

DSP-W215 A2 11/27/17  

 

DSL Gateway

Model Ver. Patch Release Final Release Notes

DSL-2750B T1/T2 Not Affected

DSL-2750B-SG T1 Not Affected

DSL-2750B-US T1 Not Affected

블로그 이미지

Ryansecurity Ryansecurity

Life is fun security story

티스토리 툴바