Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[FurryNutz]

D-Link posted DCS-942L Rev A firmware version v1.27 which can be downloaded here: http://support.dlink.com/ProductInfo.aspx?m=DCS-942L

Problems Fixed
1. Fix the unsuitable response issue for API /cgi/admin/adv_do.cgi. (Display 404 not found)
2. Fix the CSRF vulnerability.
3. Fix the ONVIF vulnerability for not well-formed request.
4. Fix below Onward security issues:
 OnSec-VUZ-103-48001, TLS/SSL Server Supports Weak Cipher
Algorithms.
 OnSec-VUZ-103-48002, OpenSSL CCS Injection.
5. Fix issue low sensitivity for motion detection.

New Features
1. Support 3DES encryption in WinXP + IE8, and remove RC4 encryption.
2. Support TLS, v1.1 & v1.2.
3. Add the notification message for Chrome 45 and above.
4. Add the notification message for Win10/Edge.
5. To fix the CSRF vulnerability, there is a spec change issue. The HTTP Authentication Realm will change as “Product_Name_xx”, where xx is 2 digit suffix of MAC address.
6. Upgrade ActiveX/NCSPlugin for windows to v1.0.0.10413
7. Upgrade mydlink agent to v2.0.20-b09 to fix the notification issue.
8. Refine the CSRF fix to exclude NIPCA CGIs.
9. Modify 403 error message for CSRF protection.
10. Enable CSRF Protection by default.
11. Upgrade open source OpenSSL to v1.0.2d.
12. Change the copyright and default system time for year 2015.
13. Remove redundant message from NIPCA API /config/wlansignal.cgi.

• Network Cameras - Important Posts & Information
  
• Network Cameras - Beta Firmware Terms and Conditions
  
• Network Cameras - Why Have Multiple Hardware Versions for the Same Model?
  
  

Please post your comments and observations as a reply to this thread.

    

[banchang]

Is this for DCS 930L or DCS 942L ?

According to the Support site the latest firmware for DCS-942L is 1.26 ?

[FurryNutz]

Sorry for the typo, this update is for the DCS-942L.

Is this for DCS 930L or DCS 942L ?

According to the Support site the latest firmware for DCS-942L is 1.26 ?

[banchang]

Thanks - the different parts of the DLINK website don't appear to be in sync/updated.

The support page for products says 1.26 is latest, but if you search you do indeed find 1.27.

Thanks for update.

[FurryNutz]

Ya sometimes both sites are not updated together.

Let us know how it goes. 

[vabba314]

Both User Name and Password fields in the Video Clip and Snapshot settings tabs under Setup are still limited to 30 chars.
This still prevents me from using my Microsoft first e-mail alias as User Name (it is 34 chars long!).

I reported this a long time ago, but I see they haven't fixed this issue yet.

[FurryNutz]

If this has been resolved by now, it may never be. There maybe security reasons why. I recommend that you may need to use a shorter email alias account.

Both User Name and Password fields in the Video Clip and Snapshot settings tabs under Setup are still limited to 30 chars.
This still prevents me from using my Microsoft first e-mail alias as User Name (it is 34 chars long!).

I reported this a long time ago, but I see they haven't fixed this issue yet.

[eamcintosh]

Upgraded my Rev.A DCS-942L to latest 1.27 firmware.  Using MyDlink Web Portal cannot view SD card video files (H.264 MP4)...get file media error. Also cannot view same files using MyDlink Lite app on my Android smartphone...get File not found error (404).   The MP4 videos files on SD card can be downloaded to my PC when accessing the webcam locally. Files play fine.

Reinstalled the previous 1.26 firmware on the webcam,  video files on SD card play fine via MyDlink Web portal and Lite app on smartphone.

Obviously this update was not tested very well.   The old adage applies here...if its working fine, don't touch it !

[FurryNutz]

Did you factory reset and then set up the camera again from scratch after applying the update?
What PC platform are you using?
What browser are you using? Happen with IE11 or FF?
Be sure to clear any browser caches, exit the browser then reopen the browser and reconnect.

[eamcintosh]

No. Never had to do that on previous updates. Upgrade instructions do not tell you to do this.   I'll try it when I get a chance but I need something that works now.

[FurryNutz]

Ok, do when you can. So far your the only one posting about this kind of behavior. There maybe new items in the FW that may need a new factory update and set up.

If you can't get v1.27 to work, let us know. I'll pass it on to D-Link for review.

[eamcintosh]

Good news. I factory reset on the 1.26 firmware and then upgraded to 1.27 and as far as I can see all is working ok now. I can view SD video recordings on my smartphone using myDlink Lite and also via the MyDlink Web portal.  The latter is working on IE11 and Firefox but apparently Windows Chrome doesn't support the extension needed anymore. No worries 2 browsers are enough.   Thanks FurryNutz for your help.

[FurryNutz]

Glad it's working. I guess a factory reset is a good thing before upgrading FW. Thanks for confirming this. 
Yes Google makes it hard to use 3rd party plug-ins in there browsers now days.
Also...
http://www.ghacks.net/2015/04/15/chrome-42-blocks-java-silverlight-other-plugins-by-default-now/
Yes there was issues when Chrome pulled the plug on Java based applications - they disabled NPAPI plugins - anyone could go into Chrome and enable NPAPi   http://knowledge.kaltura.com/enabling-silverlight-plugin-npapi-plugins-chrome  make sure you scroll to bottom and click "relaunch now"

After Chrome disabled Java (NPAPI) D Link decided to create it's own plugin "Universal Media Player" but AFAIK Chrome users still needed to enable NPAPI

Chrome threatened to block all Java type because of security issues then D Link jumped on the band wagon again and now there is an app (extension) called mydlink services plugin   https://chrome.google.com/webstore/detail/mydlink-services-plugin/ldibdoepbjbkkcbgndfljnphngpglhbb?utm_source=chrome-app-launcher-info-dialog

Enjoy. 

[AntonyDu92]

The "enable NPAPi" trick can't be done in newer versions of Chrome.
I have tried "Universal Media Player" both in Firefox 52 and Chrome 57. It does not change the live view problem.
see my post in http://forums.dlink.com/index.php?topic=66483.15
The  mydlink services plugin may be the solution for access via mydlink.com with chrome (not OK for me, probably my old firmware i don't want to change because i experienced problems with newer ones), but i prefer direct Local Network access, not internet access.

[FurryNutz]

IE11 for Windows and Safari for Mac is working for me with my DCS-933L and 960L and other cloud devices.