D-Link Forums

Announcements => Security Advisories => Topic started by: GreenBay42 on April 30, 2018, 08:09:09 AM

Title: DCS-825L - Firmware v1.09 B02 - command injection/remote code exec fix
Post by: GreenBay42 on April 30, 2018, 08:09:09 AM

FIrmware - ftp://FTP2.DLINK.COM/PRODUCTS/DCS-825L/REVA/DCS-825L_REVA_FIRMWARE_v1.09.02.zip (ftp://FTP2.DLINK.COM/PRODUCTS/DCS-825L/REVA/DCS-825L_REVA_FIRMWARE_v1.09.02.zip)  or upload through app.

Post your comments here --> http://forums.dlink.com/index.php?topic=73657 (http://forums.dlink.com/index.php?topic=73657)

Release Notes:

Features:
1. Update mydlink agent to v2.2.0-B34

Fixes:
1. Fix security vulnerability issue - [CVE-2017-11564] D-Link DCS-825L Multiple Command Injection Found in Web Service Framework.
2. Fix security vulnerability issue - [CVE-2017-11563] D-Link DCS-825L finderd Remote Code Execution.
3. Fix support issue [DCS-825L] Cannot local access via mydlink lite app[HQ20170824000007-Taiwan]