Remote Command Execution Vulnerability in D-Link DWR and DAP routers
19 ožujka, 2019
Overview:
On March 17, 2019, greenbone.net reported a remote command execution vulnerability in several D-Link DWR and DAP routers. D-Link is aware of the reported security issues. We have promptly started our investigation and is currently working on firmware patches for products confirmed to be affected. We will provide updates as soon as we have more information, please see below for more details.
Reference:
Reported products:
Model | H/W Ver. | Affected Firmware Ver. | Current Status |
DAP-1530 | All A Revisions | Before 1.06b01 | Patch available. In regions where this product is available, please check your local D-Link website. |
DAP-1610 | All A Revisions | Before v1.06b01 | Firmware available |
DWR-111 | All A Revisions | Before v1.02v02 | Patch available. In regions where this product is available, please check your local D-Link website. |
DWR-116 | All A Revisions | Before v1.06b03 | Latest firmware is not affected |
DWR-512 | All B Revisions | Before v2.02b01 | Firmware available |
DWR-711 | All A Revisions | v1.11 and lower | Under development |
DWR-712 | All B Revisions | Before 2.04b01 | Patch available. In regions where this product is available, please check your local D-Link website. |
DWR-921 | All A Revisions | Before v1.02b01 | |
DWR-921 | All B Revisions | Before v2.03b01 | Firmware available |
D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. Please check the D-Link website for updates.