This model has been Discontinued by D-Link. Consider upgrading to a different model!
Advertised Speed of 5Ghz band¶
Theoretical 802.11ac speed on 5Ghz band (using 80Mhz channel, 256-QAM, 400 ns GI):
- 3 spatial streams x 433.3 mbps/stream = 1299.9 mbps
This is classified as a “Mid-Performer” 802.11ac wifi system. If higher performance is needed, consider upgrading to a “Top-Performer”. Read: What’s the fastest 802.11ac (wifi5) wifi system possible?
- WPA2-Personal (128-bit encryption)
- WPA2-Enterprise (128-bit encryption)
Does this support automatic firmware updates? To find out. If you have this model, and are running the latest firmware, contact us.
Download the latest firmware from dlink.com
1.21B02 BETA (2018-07-24)¶
- On Oct. 2, 2017, the Google security team disclosed security flaws in the DNSmasq Linux software package that may lead to remote code execution (RCE) and information leaks
- CVE-2017-14491 – Remote code execution in the DNS subsystem that can be exploited from the other side of the internet against public-facing systems and against stuff on the local network. The previously latest version had a two-byte overflow bug, which could be leveraged, and all prior builds had an unlimited overflow.
- CVE-2017-14492 – The second remote code execution flaw works via a heap-based overflow.
- CVE-2017-14493 – Google labels this one as trivial to exploit. It’s a stack-based buffer overflow vulnerability that enables remote code execution if it’s used in conjunction with the flaw below.
- CVE-2017-14494 – This is an information leak in DHCP which, when using in conjunction with CVE-2017-14493, lets an attacker bypass the security mechanism ASLR and attempt to run code on a target system.
- CVE-2017-14495 – A limited flaw this one, but can be exploited to launch a denial of service attack by exhausting memory. Dnsmasq is only vulnerable, however, if the command line switches –add-mac, –add-cpe-id or –add-subnet are used.
- CVE-2017-14496 – Here the DNS code performs invalid boundary checks, allowing a system to be crashed using an integer underflow leading to a huge memcpy() call. Android systems are affected if the attacker is local or tethered directly to the device.
- CVE-2017-13704 – A large DNS query can crash the software.
- The firmware version is advanced to v120b01
- The firmware v120b01 must be upgraded from the transitional version of firmware v111b04.
- Fixed the following security issues
- Add Firmware Protection to BIN file and System
- WAN && LAN - XSS exploit (CVE-2017-14413, CVE-2017-14414, CVE-2017-14415, CVE-2017-14416)
- WAN - Weak Cloud protocol (CVE-2017-14419, CVE-2017-14420)
- WAN && LAN - Stunnel private keys (CVE-2017-14422)
- WAN && LAN - Nonce brute forcing for DNS configuration (CVE-2017-14423)
- Local - Weak files permission and credentials stored in clear text (CVE-2017-14424, CVE-2017-14425, CVE-2017-14426, CVE-2017-14427, CVE-2017-14428)
- LAN – DoS attack against some daemons (CVE-2017-14430)
- Security fixes to PHP CGI files to mitigate exposing credentials
- Correct stack overflow vulnerability caused by HNAP
- Reported by: Igor Kirillov (i.kirillov at embedi dot com) from Embedi
- Cgibin file incorrectly parses parameters sent by POST-request thus it allows an unauthorized user to execute php-sqript which discloses admin login and password.
1.11B01 BETA01 G97I (2016-11-09)¶
- HNAP stack overflow :: DIR-8xx Routers Affected : All Models have Remote Admin Disabled as Default For more detailed information, please visit: http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10066
- Enhances USB performance
- Enhances Wi-Fi Stability
- Supports iQoS
- Supports VLAN configuration
- Improves IPv6 6-in-4 functionality
- USB performance enhancement
- Wi-Fi stability enhancement
- Support Orray DDNS
- Added WPS Enable/Disable button on Management UI
- IPv6 Auto-detection improvement
- IPv6 Simple Security improvement.
- Extends the number of rules from 15 to 24. (Static Route IPv4 and v6, Port Forwarding, Firewall IPv4 and v6,Virtual Server, Website Filter)
- Add Schedule Reboot
- Improved IPv6 compatibility with Android.
- Improved compatibility with IE11 and Edge browser on Windows10
Fixed Security Vulnerability:
- Stack-based buffer overflow exploit - CVE-2016-5681 VU#332115 – Reported by Daniel Romero - NCC Group - Street: Calle Serrano Galvache Number: 56 Building: Abedul Floor: 4th, Madrid, 28033 For additional details please visit: http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10063
- The new firmware notification will not pop-up after log into management UI.
- Wi-Fi client using WPA-TKIP will not be able to connect to the router afterconfigured operation mode 802.11n or 802.11ac only.
- mydlink portal can’t be accessed while Captcha is enabled.