Menu principale

D-Link DIR-878: EXO AC1900 MU-MIMO Wi-Fi Router

Aperto da Carciofone, 20 Marzo 2018, 08:07:06

Carciofone

D-Link DIR-878
EXO AC1900 MU-MIMO Wi-Fi Router
Dual-band Wireless AC1900 (1,300 Mbps on 5 GHz + 600 Mbps on 2.4 GHz)




DIR-878 A1  MediaTek MT7621AT (880 MHz, 2 cores)


EXO AC1900 MU-MIMO Wi-Fi Router DIR-878 in breve:

  Dual-band Wireless AC1900 (1,300 Mbps on 5 GHz + 600 Mbps on 2.4 GHz)
    802.11ac Wave 2 con MU-MIMO e Advanced AC SmartBeam 3X3
    Gigabit WAN e 4 x Gigabit LAN


MIMO multi-utente (MU-MIMO)
L'AC1900 MU-MIMO Wi-Fi Router è progettato per supportare la tecnologia MU-MIMO che consente a più dispositivi di ottenere contemporaneamente un segnale Wi-Fi a banda larga potente, distribuendo i dati più efficientemente, per ottenere le più alte velocità Wi-Fi in casa. I contenuti multimediali HD possono viaggiare più velocemente, il trasferimento di grandi file avviene in pochi secondi e sarà possibile godersi i giochi senza tempi di attesa.

Processore dual core: maggiore potenza di elaborazione
Desideri un processore potente ad alte prestazioni in grado di gestire più attività a velocità incredibili?
Il processore dual-core potenzia l'elaborazione multi-tasking e migliora le velocità di throughput per tutte le tue applicazioni.

Copertura WiFi estrema: SmartBeam Forming
Quattro antenne esterne ad alte prestazioni e potenti amplificatori garantiscono una maggiore copertura Wi-Fi in tutta la casa. Un maggior numero di dispositivi si connetterà con maggiore velocità alla rete con assenza di zone morte.
Migliora la copertura dirigendo la larghezza di banda ai tuoi dispositivi mentre ti sposti all'interno della tua casa.
Potrai guardare video HD in streaming, effettuare chiamate Skype con i tuoi amici e giocare on-line da ovunque ti trovi, ottenendo sempre la migliore esperienza possibile grazie alla tecnologia AC SmartBeam avanzato e al flusso dati 3X3 che traccia i dispositivi collegati per ottenere una velocità e una portata Wi-Fi migliorata.


Supporto DLNA & QoS
Accessibile condivisione multimediale di file audio e video ottimizzata per flussi 4K.

Caratteristiche
Connettività
• Velocità WiFi combinata con modalità AC fino a 600 Mbps su 2.4 GHz e 1,300 Mbps su 5 GHz
• Advanced AC SmartBeam™ 3X3 dramatically enhances wireless signal strength and throughput
• 802.11 a/b/g/n/ac wireless LAN for a complete range of wireless compatibility
• 5 porte ethernet Gigabit WAN and LAN

Hassle-Free D-Link Smart Connect Technology per il band stearing
• Distribuzione automatica dei client wireless su una delle due bande 2.4 Ghz e 5 Ghz a seconda del carico di di rete e delle velocità di ciascun client wireless.

Advanced Quality of Service (QoS)
• Band steering efficiently balances the data load between the two wireless bands
• Airtime fairness optimally adjusts the data rate of wireless clients for the best performance

Security
• WPA & WPA2 wireless encryption protects the network from intruders
• Wi-Fi Protected Setup (WPS) securely adds devices to your network at the push of a button


Panoramica
The EXO AC1900 MU-MIMO Wi-Fi Router brings a host of new technologies to create the best Wi-Fi experience to date. Supporting the latest in Wi-Fi technology, with combined Wi-Fi speeds of up to 1.900 Mbps, it allows you to create a home Wi-Fi that connects all of your computers, game consoles, smart  TVs  and  mobile  devices.  AC  SmartBeam™  together  with  MU-MIMO  technology  brings  you the  future  of  high-bandwidth  wireless  connectivity,  further  increasing  the  speed  and  coverage  of your network.

Superior Coverage and Speed with Advanced AC SmartBeam™
The  DIR-882  upgrades  your  network  to  the  latest  dual-band  high-speed  wireless  technology to bring you lightning fast Wi-Fi speeds of up to 1.900 Mbps, so you can meet the increasing demand  from  multimedia  applications.  Enjoy  seamless  high  definition  streaming  media, Internet  phone  calls,  online  gaming  and  content-rich  web  surfing  throughout  your  home  or office.
In addition, 10/100/1000 Gigabit Ethernet ports give you solid, dependable wired performance for devices such as Network Attached Storage (NAS), set-top boxes and gaming consoles. The built-in Quality of Service (QoS) engine allows you to prioritise important traffic to ensure that your favourite applications are receiving optimal bandwidth.

Smooth Streaming with Wireless 802.11ac Wave 2
The  DIR-878  brings  a  host  of  new  technologies  to  create  the  best  wireless  networking experience to date. With 802.11ac Wave 2 technology, it provides Gigabit wireless connectivity with combined transfer rates of up to 1.900 Mbps (1.300 Mbps Wireless AC + 600 Mbps Wireless N). Featuring Multiple-User MIMO (MU-MIMO) technology, it can send and receive data to and from devices simultaneously to increase speed and efficiency. It is like having multiple routers in your home.
 
Easy to Set Up and Secure
Sharing your Internet connection doesn't have to be a complicated process: just open a web browser to access the setup wizard and follow the easy step-by-step  instructions  to  get  started.  Configure,  apply  and  set  up  WPA/WPA2 wireless security in minutes with the wireless network setup wizard, or use Wi-Fi Protected Setup (WPS), which establishes an encrypted connection to new
devices without the need to enter settings or create passwords. In addition, the built-in firewall requires no setup, protecting you against malicious attacks from  the  Internet  and  access  control  features  allow  you  to  restrict  access  to your network giving you greater control over network users.


Specifiche
Device Interfaces
• 802.11 a/b/g/n/ac wireless LAN
• Four 10/100/1000 Gigabit LAN ports
• 10/100/1000 Gigabit WAN port

Antenna Type
• Four dual-band dipole antennas with high gain and amplified

Standards
• IEEE 802.11ac
• IEEE 802.11n
• IEEE 802.11g
• IEEE 802.11b
• IEEE 802.11a
• IEEE 802.3
• IEEE 802.3u

Minimum System Requirements
• Windows 10/8/7 / Mac OS X 10.4 or higher
• Microsoft Internet Explorer 6 or higher, Firefox 1.5 or higher, or other Java-enabled browser
• Ethernet network interface
• Fiber, Cable or DSL modem
• Subscription with an Internet service provider

Advanced Features
• Guest zone
• Multi-language web setup wizard
• Green Ethernet
• DLNA2 support
• Advanced AC SmartBeam™ 2
• Bridge mode       
• Dual active firewall: Network Address Translation (NAT) & Stateful Packet Inspection (SPI)
• VPN passthrough/multi-session PPTP/L2TP/IPSec
• Advanced QoS with band steering
• VPN server - L2TP over IPSec

Wireless Security
• WPA & WPA2 (Wi-Fi Protected Access)
• Wi-Fi Protected Setup (WPS) PIN/PBC

Dimensions (L x W x D)
• 258.8 x 183.4 x 44.9 mm (10.2 x 7.2 x 1.8 inches) 

Weight
• 565 grammi 

Power
• Input:100 to 240 V AC, 50/60 Hz
• Input:12 V, 1.5 A

Temperature
• Operating: 0 to 40 °C (32 to 104 °F)
• Storage: -20 to 65 °C (-4 to 149 °F)

Humidity
• Operating: 0% to 90% non-condensing
• Storage: 5% to 95% non-condensing

Certifications
• FCC Class B
• CE Class B
• C-Tick
• DLNA2
• IPv6 Ready
• Wi-Fi Certified
• Wi-Fi Protected Setup (WPS)
• Wi-Fi Multimedia (WMM)
• Compatible with Windows 10[/size]


Documentazione
Scheda tecnica EU luglio 2017
Guida installazione rapida: V1.00 IT 20170824
Manuale prodotto V1.00 EU

Domande frequenti (Frequently Asked Questions - FAQ)
D-Link IT

Codice sorgente GPL Fw v.1.01

Firmware
WORLDWIDE (Mondiale)
DIR-878 Rev. Ax 1.30b08 Security04 ALL multi 20221027 note di versione incluse
DIR-878 Rev. Ax 1.30b08 ALL multi 20210329 note di versione incluse
DIR-878 Rev. Ax 1.30b03 ALL multi 20191214 note di versione incluse
DIR-878 Rev A1 1.21b01 ALL multi 20190929 note di versione incluse, guida aggiornamento note di versione incluse
DIR-878 Ax 1.20 build 05 neo ALL 20190814 note di versione incluse
DIR-878 Ax 1.12 build 01 20181001
DIR-878 Ax 1.11 build 02 20180817 con nota di edizione
DIR-878 Ax 1.10 build 05 20180203 con nota edizione -> Attenzione, per l'installazione attenersi alle istruzioni sotto!
DIR-878 Ax 1.01 build 04 20170904 con nota edizione

Firmware alternativi

A partire dalla versione dir878-a1 build 33006 20170803
NB. per installare il firmware DD-WRT è necessario effettuare il downgrade del firmware D-Link alla versione 1.04 utilizzando il file 1_DIR-878_RevA_MiddleFirmware104b05.bin contenuto qui.

Approfondimenti
WikiDevi: DIR-878 rev A1

Supporto internazionale D-Link
Pagina prodotto: Italia, USA, Canada, Germania
Sito FTP: Europa, Germania, Australia, USA, US-SEC_ADV
Supporto Tecnico: Taiwan TSD

Carciofone

Attenzione: aggiunto al primo post link del download del nuovo firmware v. 1.10B05 20180203 correttivo dei bag riguardanti il protocollo di sicurezza WPA2.

Istruzioni di installazione. Attenersi alla seguente sequenza:

1) Resettare il router tramite interfaccia web dopo aver compiuto l'accesso mediante un browser all'indirizzo http://192.168.0.1/ oppure http://dlinkrouter.local./ ;
2) Aggiornare una prima volta il router caricando manualmente il file 1_DIR-878_RevA_MiddleFirmware104b05.bin. Attendere il tempo necessario all'aggiornamento (circa 4 minuti);
3) Aggiornare per la seconda volta con il firmware 2_DIR-878_RevA_Firmware110b05.bin ed attendere che il router effettui il riavvio (4 minuti circa).
4) Resettare nuovamente il router alle impostazioni iniziali di fabbrica tramite l'interfaccia web e NON utilizzare file di configurazione salvati in precedenza con versioni diverse del firmware.

Changelog:
DIR-879 Firmware Release Notes


Firmware: 1.10b05
Hardware: Rev. Ax
Release Date: 2018/2/03

Note:
1. The firmware version is advanced to v1.10
2. The firmware v1.10 must be upgraded from the transitional version of firmware v1.04 (transitional version).

Problems Resolved:
1. Update wpa2 security patch
2. Support EU VLAN @ EU country code
3. Support VLAN profile @ SG country code
4. Upgrade dnsmasq to 2.78

Enhancements
1. Support D-Link Wi-Fi APP (QRS mobile won't be supported from firmware version v1.10 or later version).
2. Support image with encryption.

---------------------

Firmware: 1.06b01-07
Hardware: Rev.A1
Release Date: 2018/01/04

Note:
This release is to patch the WPA2 Key Reinstallation Attack (KRACK) Security Vulnerabilities affecting this product.

Problems Resolved:
A WPA2 wireless protocol vulnerability was reported to CERT//CC and public disclosed
as: VU#228519 - Wi-Fi Protected Access II (WPA2) handshake traffic can be
manipulated to induce nonce and session key reuse.

The following CVE IDs have been assigned to VU#228519. These vulnerabilities in the WPA2 protocol:

   ·   CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

   ·   CVE-2017-13078: reinstallation of the group key in the Four-way handshake

   ·   CVE-2017-13079: reinstallation of the integrity group key in the Four-way
       handshake

   ·   CVE-2017-13080: reinstallation of the group key in the Group Key handshake

   ·   CVE-2017-13081: reinstallation of the integrity group key in the Group Key
       handshake

   ·   CVE-2017-13082: accepting a retransmitted Fast BSS Transition Re-association
       Request and reinstalling the pairwise key while processing it

   ·   CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake

   ·   CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
       PeerKey (TPK) key in the TDLS handshake

   ·   CVE-2017-13087: reinstallation of the group key (GTK) when processing a
       Wireless Network Management (WNM) Sleep Mode Response frame

   ·   CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
       processing a Wireless Network Management (WNM) Sleep Mode Response
       frame


This patch also included fixes for DNSmasq vulnerability:

   ·   CVE-2017-14491 ­ Remote code execution in the DNS subsystem that can be
       exploited from the other side of the internet against public-facing systems and
       against stuff on the local network. The previously latest version had a two-byte
       overflow bug, which could be leveraged, and all prior builds had an unlimited
       overflow.

   ·   CVE-2017-14492 ­ The second remote code execution flaw works via a heap-
       based overflow.

   ·   CVE-2017-14493 ­ Google labels this one as trivial to exploit. It's a stack-based
       buffer overflow vulnerability that enables remote code execution if it's used in
       conjunction with the flaw below.

   ·   CVE-2017-14494 ­ This is an information leak in DHCP which, when using in
       conjunction with CVE-2017-14493, lets an attacker bypass the security
       mechanism ASLR and attempt to run code on a target system.

   ·   CVE-2017-14495 ­ A limited flaw this one, but can be exploited to launch a
       denial of service attack by exhausting memory. Dnsmasq is only vulnerable,
       however, if the command line switches --add-mac, --add-cpe-id or --add-subnet
       are used.

   ·   CVE-2017-14496 ­ Here the DNS code performs invalid boundary checks,
       allowing a system to be crashed using an integer underflow leading to a huge
       memcpy() call. Android systems are affected if the attacker is local or tethered
       directly to the device.

   ·   CVE-2017-13704 ­ A large DNS query can crash the software

---------------------

Firmware: 1.05b01
Hardware: Rev.A1
Release Date: 2017/02/06

Problems Resolved:
1. Fix setup GUI is not reachable.

Enhancements:
None

---------------------

Firmware: 1.04b01_01
Hardware: Rev.A1
Release Date: 2016/11/25

Problems Resolved:
1. Fix HNAP Service Stack-Based Buffer Overflow Vulnerability
CWE-121 CVE-2016-6563 VU#677427
http://www.kb.cert.org/vuls/id/677427

Enhancements:
None

---------------------

Firmware: 1.04b02_g7m9
Hardware: Rev.A1
Release Date: 2016/07/22

Problems Resolved:
1. Fixed send log as email.

Enhancements:
None

---------------------

Firmware: 1.03WWb01
Hardware: Rev.A1
Release Date: 2016/5/17

Problems Resolved:
1. Fixed the GUI display issue that sometimes "Click to repair" doesn't show up in home page.
2. Fixed the issue that Manual MTU setting doesn't in Static IP extender mode.
3. Fixed the incorrect description in GUI page.
4. Fixed the incorrect translation in GUI page while in extender mode.
5. Fixed the issue that WMM is set to disabled after the wizard installation of DIR-879.
6. Fixed the issue of Port Forwarding that sometimes disabling some rules causes other rules to be enabled
    automatically.
7. Fixed the issue that in RU domain code, after resetting DIR-879, sometimes wired/wireless clients may not access
    to INTERNET unless DIR-879 is rebooted manually.
8. Fixed the reported security issue.
9. Fixed the issue that WPS is performed in extender mode, all downlink wired or wireless clients will disconnect
    from DIR-879 and DIR-879 also disconnects from uplink router.
10. Fixed the issue that when home user selects Deutsch in language list in login page, UI description still display in
    English after log in DIR-879.
11. Fixed the issue that when home user set the IPv6 DNS setting manually, DIR-879, wired and wireless clients can't
    get IPv6 address.
12. Fixed the LED behavior of DIR-879 in wireless extender mode:
        [Bug]LED displays in solid white and the connection status in main page shows connected after DIR-879
        disconnects from uplink router.
        [Bug]After the timeout of WPS phase in downlink clients, LED still blinks in white.
        [Bug]If home user changes the wireless band with uplink router, then LED cannot change to solid white.
        [Bug]When the cable is detached from INTERNET port in DHCP mode, LED sometimes doesn't turn into
        orange.
        [Bug]When the cable is detached from INTERNET port and connected again in Static IP, LED will remains in
        solid orange.
        [Bug]In Static IP mode, LED turns into solid orange after home user changing and saving the IP setting of
        DIR879 on GUI page.
13. Fixed the LED behavior in router mode:
        After the timeout of WPS phase in downlink clients, LED doesn't turn into solid orange.

Enhancements:
1. Improved 2.4G wireless throughput.
2. Added wireless extender mode.

Known issues:
1. Send log as email not working. Will be fixed soon.



Carciofone

Attenzione: aggiunti al primo post i link del download dei firmware v. 1.11B02 20180817 e v. 1.12B01 20181001 correttivo dei bag indicati nel changelog parziale postato sotto.

Da installare successivamente all'installazione della versione 1.10 come sopra indicata.

Changelog:
DIR-878 Firmware Release Notes
Firmware: FW111
Hardware: Rev. Ax
Release Date: 2018/8/01
Note:
Problems Resolved:
1. Improved IOT for game console
2. Fix the bug:with internet settings when set DHCP/Static connect type, Set MTU with manual, it can't
apply.
3. Fix the bug: losing connecting with the specific modem daily
4. Improved user experience for D-Link Wi-Fi APP
Enhancements
1. Support D-Link Wi-Fi APP
(QRS mobile won't be supported from firmware version v1.10 or later version)


m4ss1

Attenzione: aggiunti al primo post i link del download dei firmware v. 1.20b05neo ALL 20190814.

Prima dell'aggiornamento leggere la guida DIR-878_FirmwareUpgrade_en

DIR-878 Firmware Release Notes

Firmware: 1.20b05neo
Hardware: Rev. Ax
Release Date: 2019/08/14

Problems Resolved:
1. Fix User setup.

----------

Firmware: 1.20b05
Hardware: Rev. Ax
Release Date: 2019/05/16

Problems Resolved:
1. Enhanced good user experience for D-Link Wi-Fi APP.

Enhancements
1. Support D-Link Wi-Fi APP (QRS mobile won't be supported from firmware version v1.10 or later version).

----------

Firmware: 1.20b03
Hardware: Rev. Ax
Release Date: 2019/02/15

Problems Resolved:
1. Fix Remote Management access over IPv6 internet connection.
2. Fix "Generic Router DNS Cache Poisoning Caused by Infrastructure Protocol Vulnerabilities" from GeekPwn 2018 contest.

m4ss1

#4
Avviso: aggiornato primo messaggio, pubblicato il link del nuovo firmware DIR-878 Rev A1 1.21b01 ALL multi 20190929.

DIR-878 Firmware Release Notes
Firmware: 1.21b01
Hardware: Rev. Ax
Release Date: 2019/09/29

Problems Resolved:
1. Compatible to actual D-Link Wi-Fi app for PPPoE setup with VLAN-ID.

----------


Importante: se la versione del firmware installato nel router è inferiore alla 1.10 è necessario aggiornare prima con il firmware 1_DIR-878_RevA_MiddleFirmware104b05 e successivamente con 2_DIR-878_RevA_Firmware121b01.bin

NB. per installare il firmware DD-WRT è necessario effettuare il downgrade del firmware D-Link alla versione 1.04 utilizzando il file 1_DIR-878_RevA_MiddleFirmware104b05.bin

m4ss1

Aggiornato primo messaggio: pubblicato il nuovo firmware 1.30b03 ALL mult 20191214.

DIR-878 Rev.A Firmware Release Notes
Firmware: 1.30b03
Hardware: Rev. Ax
Release Date: 2019/12/14

Problems Resolved:
1. ZDI-CAN-9470 - Authentication Bypass.
2. ZDI-CAN-9471 - strncmp function weakness leads to unauthenticated user ability tochange admin password.
(CVE-2020-8863 Authentication Bypass & CVE-2020-8864 Unauthenticated Bypass)

Enhancements:
1. Support WPA3-SAE.


Carciofone

Avviso: aggiornato primo messaggio, pubblicato il link del nuovo firmware DIR-878 Rev A1 1.30b08 ALL multi 20210329.

DIR-878 Firmware Release Notes
On January 12, 2021, a 3rd party security researcher submitted a report accusing the DIR-878 using firmware v1.30B08 of a LAN-side unauthenticated stack-based buffer overflow vulnerability   The Vulnerability was confirmed and a patch was issued too close the reported issue.  Please find the beta/hotfix release below.


3rd Party Report information

 

          - Report provided: pwang :: 18222325265 _at_ 163 _dot_ com

 
          - Reference :

                CVE-2021-30072 : https://nvd.nist.gov/vuln/detail/CVE-2021-30072

 

                 The issue was discovered on DLINK DIR-878 1.30B08. The firmware has a strcat is misused, which can be exploited to a stack-based buffer overflow vulnerability that does not require authentication.The vulnerability was in file prog.cgi, main function. Sending a malicous request to the target device from the LAN-side can cause the prog.cgi process to crash, resulting the device to malfunction.



Carciofone

Avviso: D-Link pubblica per questo fortunatissimo modello un nuovo firmware di aggiornamento datato 27.10.2022 con il quale introduce addirittura delle nuove features, tra cui il pieno supporto al più recente standard di crittografia wireless WPA3. Nel primo post il link del nuovo firmware DIR-878 Rev A1 1.30b08 Security04 ALL multi 20221027.

DIR-878 Firmware Release Notes
DIR-878 Rev.A Firmware Release Notes


Firmware: 1.30b08security04
Hardware: Rev. Ax
Release Date: 2022/10/12

Problems Resolved:
1. Addressed the HNAP command injection security issue

----------

Firmware: 1.30b08security
Hardware: Rev. Ax
Release Date: 2022/03/29

Problems Resolved:
1. Fix WPA3 issue with iOS.
2. Fix security: Authenticated Command Injection.
3. Fix security: Multiple Command Injection.
4. Fix security: Command Injection report by CNVD.
5. Fix security: IPV6 service ports open.
6. Fix security: Remote code execution vulnerability.
7. Fix security: ZDI-CAN-13796: lighttpd Stack-based Buffer Overflow Remote Code Execution Vulnerability.
8. Fix security: Buffer Overflow & Command Injection.

----------

Firmware: 1.30b03
Hardware: Rev. Ax
Release Date: 2019/12/14

Problems Resolved:
1. ZDI-CAN-9470 - Authentication Bypass.
2. ZDI-CAN-9471 - strncmp function weakness leads to unauthenticated user ability tochange admin password.
(CVE-2020-8863 Authentication Bypass & CVE-2020-8864 Unauthenticated Bypass)

Enhancements:
1. Support WPA3-SAE.

----------

Firmware: 1.21b01
Hardware: Rev. Ax
Release Date: 2019/09/29

Problems Resolved:
1. Compatible to actual D-Link Wi-Fi app for PPPoE setup with VLAN-ID.

----------

Firmware: 1.20b05neo
Hardware: Rev. Ax
Release Date: 2019/08/14

Problems Resolved:
1. Fix User setup.

----------

Firmware: 1.20b05
Hardware: Rev. Ax
Release Date: 2019/05/16

Problems Resolved:
1. Enhanced good user experience for D-Link Wi-Fi APP.

Enhancements:
1. Support D-Link Wi-Fi APP (QRS mobile won't be supported from firmware version v1.10 or later version).

----------

Firmware: 1.20b03
Hardware: Rev. Ax
Release Date: 2019/02/15

Problems Resolved:
1. Fix Remote Management access over IPv6 internet connection.
2. Fix "Generic Router DNS Cache Poisoning Caused by Infrastructure Protocol Vulnerabilities" from GeekPwn 2018 contest.

----------

Firmware: 1.12b01
Hardware: Rev. Ax
Release Date: 2018/08/14

Problems Resolved:
1. Added back AutoZoning support for AU CountryCode.

Enhancements
1. Support D-Link Wi-Fi APP (QRS mobile won't be supported from firmware version v1.10 or later version)

----------

Firmware: 1.11b02
Hardware: Rev. Ax
Release Date: 2018/07/09

Problems Resolved:
1. Improved IOT for game console.
2. Fix the bug:with internet settings when set DHCP/Static connect type, Set MTU with manual, it can't apply.
3. Fix the bug: losing connecting with the specific modem daily.
4. Improved user experience for D-Link Wi-Fi APP.

Enhancements
1. Support D-Link Wi-Fi APP
(QRS mobile won't be supported from firmware version v1.10 or later version)

----------

Firmware: 1.10b05
Hardware: Rev. Ax
Release Date: 2018/2/03

Note:
1. The firmware version is advanced to v1.10
2. The firmware v1.10 must be upgraded from the transitional version of firmware v1.04 (transitional version).

Problems Resolved:
1. Update wpa2 security patch
2. Support EU VLAN @ EU country code
3. Support VLAN profile @ SG country code
4. Upgrade dnsmasq to 2.78

Enhancements
1. Support D-Link Wi-Fi APP (QRS mobile won't be supported from firmware version v1.10 or later version).
2. Support image with encryption.

----------

Firmware: 1.06b01-07
Hardware: Rev.A1
Release Date: 2018/01/04

Note:
This release is to patch the WPA2 Key Reinstallation Attack (KRACK) Security Vulnerabilities affecting this product.

Problems Resolved:
A WPA2 wireless protocol vulnerability was reported to CERT//CC and public disclosed
as: VU#228519 - Wi-Fi Protected Access II (WPA2) handshake traffic can be
manipulated to induce nonce and session key reuse.

The following CVE IDs have been assigned to VU#228519. These vulnerabilities in the WPA2 protocol:

   ·   CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

   ·   CVE-2017-13078: reinstallation of the group key in the Four-way handshake

   ·   CVE-2017-13079: reinstallation of the integrity group key in the Four-way
       handshake

   ·   CVE-2017-13080: reinstallation of the group key in the Group Key handshake

   ·   CVE-2017-13081: reinstallation of the integrity group key in the Group Key
       handshake

   ·   CVE-2017-13082: accepting a retransmitted Fast BSS Transition Re-association
       Request and reinstalling the pairwise key while processing it

   ·   CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake

   ·   CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
       PeerKey (TPK) key in the TDLS handshake

   ·   CVE-2017-13087: reinstallation of the group key (GTK) when processing a
       Wireless Network Management (WNM) Sleep Mode Response frame

   ·   CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
       processing a Wireless Network Management (WNM) Sleep Mode Response
       frame


This patch also included fixes for DNSmasq vulnerability:

   ·   CVE-2017-14491 � Remote code execution in the DNS subsystem that can be
       exploited from the other side of the internet against public-facing systems and
       against stuff on the local network. The previously latest version had a two-byte
       overflow bug, which could be leveraged, and all prior builds had an unlimited
       overflow.

   ·   CVE-2017-14492 � The second remote code execution flaw works via a heap-
       based overflow.

   ·   CVE-2017-14493 � Google labels this one as trivial to exploit. It's a stack-based
       buffer overflow vulnerability that enables remote code execution if it's used in
       conjunction with the flaw below.

   ·   CVE-2017-14494 � This is an information leak in DHCP which, when using in
       conjunction with CVE-2017-14493, lets an attacker bypass the security
       mechanism ASLR and attempt to run code on a target system.

   ·   CVE-2017-14495 � A limited flaw this one, but can be exploited to launch a
       denial of service attack by exhausting memory. Dnsmasq is only vulnerable,
       however, if the command line switches --add-mac, --add-cpe-id or --add-subnet
       are used.

   ·   CVE-2017-14496 � Here the DNS code performs invalid boundary checks,
       allowing a system to be crashed using an integer underflow leading to a huge
       memcpy() call. Android systems are affected if the attacker is local or tethered
       directly to the device.

   ·   CVE-2017-13704 � A large DNS query can crash the software

----------

Firmware: 1.05b01
Hardware: Rev.A1
Release Date: 2017/02/06

Problems Resolved:
1. Fix setup GUI is not reachable.

Enhancements:
None

----------

Firmware: 1.04b01_01
Hardware: Rev.A1
Release Date: 2016/11/25

Problems Resolved:
1. Fix HNAP Service Stack-Based Buffer Overflow Vulnerability
CWE-121 CVE-2016-6563 VU#677427
http://www.kb.cert.org/vuls/id/677427

Enhancements:
None

----------

Firmware: 1.04b02_g7m9
Hardware: Rev.A1
Release Date: 2016/07/22

Problems Resolved:
1. Fixed send log as email.

Enhancements:
None

----------

Firmware: 1.03WWb01
Hardware: Rev.A1
Release Date: 2016/5/17

Problems Resolved:
1. Fixed the GUI display issue that sometimes "Click to repair" doesn't show up in home page.
2. Fixed the issue that Manual MTU setting doesn't in Static IP extender mode.
3. Fixed the incorrect description in GUI page.
4. Fixed the incorrect translation in GUI page while in extender mode.
5. Fixed the issue that WMM is set to disabled after the wizard installation of DIR-879.
6. Fixed the issue of Port Forwarding that sometimes disabling some rules causes other rules to be enabled
    automatically.
7. Fixed the issue that in RU domain code, after resetting DIR-879, sometimes wired/wireless clients may not access
    to INTERNET unless DIR-879 is rebooted manually.
8. Fixed the reported security issue.
9. Fixed the issue that WPS is performed in extender mode, all downlink wired or wireless clients will disconnect
    from DIR-879 and DIR-879 also disconnects from uplink router.
10. Fixed the issue that when home user selects Deutsch in language list in login page, UI description still display in
    English after log in DIR-879.
11. Fixed the issue that when home user set the IPv6 DNS setting manually, DIR-879, wired and wireless clients can't
    get IPv6 address.
12. Fixed the LED behavior of DIR-879 in wireless extender mode:
        [Bug]LED displays in solid white and the connection status in main page shows connected after DIR-879
        disconnects from uplink router.
        [Bug]After the timeout of WPS phase in downlink clients, LED still blinks in white.
        [Bug]If home user changes the wireless band with uplink router, then LED cannot change to solid white.
        [Bug]When the cable is detached from INTERNET port in DHCP mode, LED sometimes doesn't turn into
        orange.
        [Bug]When the cable is detached from INTERNET port and connected again in Static IP, LED will remains in
        solid orange.
        [Bug]In Static IP mode, LED turns into solid orange after home user changing and saving the IP setting of
        DIR879 on GUI page.
13. Fixed the LED behavior in router mode:
        After the timeout of WPS phase in downlink clients, LED doesn't turn into solid orange.

Enhancements:
1. Improved 2.4G wireless throughput.
2. Added wireless extender mode.

Known issues:
1. Send log as email not working. Will be fixed soon.



Licenza Creative Commons
Il contenuto dei messaggi del forum è distribuito con
Licenza Creative Commons Attribuzione Non commerciale 4.0
Tutti i marchi registrati citati appartengono ai legittimi proprietari