This model has been Discontinued by D-Link. Consider upgrading to a different model!
Advertised Speed of 5Ghz band¶
Theoretical 802.11ac speed on 5Ghz band (using 80Mhz channel, 256-QAM, 400 ns GI):
- 2 spatial streams x 433.3 mbps/stream = 866.6 mbps
This is classified as a “Low-Performer” 802.11ac wifi system. If higher performance is needed, consider upgrading to a “Top-Performer”. Read: What’s the fastest 802.11ac (wifi5) wifi system possible?
- WPA2-Personal (128-bit encryption)
- WPA2-Enterprise (128-bit encryption)
Does this support automatic firmware updates? To find out. If you have this model, and are running the latest firmware, contact us.
Download the latest firmware from dlink.com
A research report to D-Link has reported multiple routers (DIR-850L A1/B1, DIR-822 C1 and DIR-880L A1) with security vulnerabilities: Authenticated bypass and Authenticated RCE. 3rd Party Researcher: Henry Huang (happyholic1203 at gmail dot com)
- Authentication bypass
- Authenticated RCE
2.22B02 BETA (2017-11-16)¶
- You must update your router to firmware versions 2.10B03 and 2.20B03 first before updating this firmware. Both are available in the 2.20B03 package.
- CVE-2017-14491 – Remote code execution in the DNS subsystem that can be exploited from the other side of the internet against public-facing systems and against stuff on the local network. The previously latest version had a two-byte overflow bug, which could be leveraged, and all prior builds had an unlimited overflow.
- CVE-2017-14492 – The second remote code execution flaw works via a heap-based overflow.
- CVE-2017-14493 – Google labels this one as trivial to exploit. It’s a stack-based buffer overflow vulnerability that enables remote code execution if it’s used in conjunction with the flaw below.
- CVE-2017-14494 – This is an information leak in DHCP which, when using in conjunction with CVE-2017-14493, lets an attacker bypass the security mechanism ASLR and attempt to run code on a target system.
- CVE-2017-14495 – A limited flaw this one, but can be exploited to launch a denial of service attack by exhausting memory. Dnsmasq is only vulnerable, however, if the command line switches –add-mac, –add-cpe-id or –add-subnet are used.
- CVE-2017-14496 – Here the DNS code performs invalid boundary checks, allowing a system to be crashed using an integer underflow leading to a huge memcpy() call. Android systems are affected if the attacker is local or tethered directly to the device.
- CVE-2017-13704 – A large DNS query can crash the software.
Problems Resolved: 1. Solve wireless setting issue by mydlink portal and app. Note: 1. The firmware must be upgraded from the transitional version of firmware v2.10b03. 2. FW can not backward compatible with Ax version
Problems Resolved: 1. Solve performance issue for intel7260 and Macbook 2. Solve IOT issue with DWA-192 3. Patch security issue. Enhancements: 1. ZIPB support 2. Update mydlink agnet 3. Update Openssl
- The firmware version is advanced to v2.20
- The firmware v2.20 must be upgraded from the transitional version of firmware v2.10b03.
Security Issues Fixed, reported by Pierre Kim on Sep 8th ,2017.
- Firmware Protection
- WAN && LAN - Retrieving admin password, gaining full access using the custom mydlink Cloud protocol (CVE-2017-14417, CVE-2017-14418)
- WAN - Weak Cloud protocol (CVE-2017-14419, CVE-2017-14420)
- LAN - Backdoor access (CVE-2017-14421)
- WAN && LAN - Stunnel private keys (CVE-2017-14422)
- Local - Weak files permission and credentials stored in clear text (CVE-2017-14424, CVE-2017-14425, CVE-2017-14426, CVE-2017-14427, CVE-2017-14428)
- WAN - Pre-Auth RCEs as root (L2) (CVE-2017-14429)
- LAN - DoS attack against some daemons (CVE-2017-14430)
2.10B03 MIDDLE ONLY (2017-09-19)¶
- The firmware v2.10 is the transitional version for upgrading to v2.20b03 or later version.
- Apply new FCC regulation
- Fixed IOT issue with Edge browser
Fixed Security Vulnerability:
- Stack-based buffer overflow exploit CVE-2016-5681 VU#332115 – Reported by Daniel Romero - NCC Group - Street: Calle Serrano Galvache Number: 56 Building: Abedul Floor: 4th, Madrid, 28033 For additional details please visit: http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10063