DIR-890L/R

../../../_images/DIR-890L-R.png

Availability

Danger

This model has been Discontinued by D-Link. Consider upgrading to a different model!

Performance

Wireless Performance Explained

Advertised Speed of 5Ghz band

Theoretical 802.11ac speed on 5Ghz band (using 80Mhz channel, 256-QAM, 400 ns GI):

  • 3 spatial streams x 433.3 mbps/stream = 1299.9 mbps

Note

This is classified as a “Mid-Performer” 802.11ac wifi system. If higher performance is needed, consider upgrading to a “Top-Performer”. Read: What’s the fastest 802.11ac (wifi5) wifi system possible?

Security

  • WPA2-Personal (128-bit encryption)
  • WPA2-Enterprise (128-bit encryption)

Firmware Changelog

Does this support automatic firmware updates? To find out. If you have this model, and are running the latest firmware, contact us.

Download the latest firmware from dlink.com

1.21B02 BETA (2018-07-24)

Note:

  • On Oct. 2, 2017, the Google security team disclosed security flaws in the DNSmasq Linux software package that may lead to remote code execution (RCE) and information leaks

Problems Resolved:

  • CVE-2017-14491 – Remote code execution in the DNS subsystem that can be exploited from the other side of the internet against public-facing systems and against stuff on the local network. The previously latest version had a two-byte overflow bug, which could be leveraged, and all prior builds had an unlimited overflow.
  • CVE-2017-14492 – The second remote code execution flaw works via a heap-based overflow.
  • CVE-2017-14493 – Google labels this one as trivial to exploit. It’s a stack-based buffer overflow vulnerability that enables remote code execution if it’s used in conjunction with the flaw below.
  • CVE-2017-14494 – This is an information leak in DHCP which, when using in conjunction with CVE-2017-14493, lets an attacker bypass the security mechanism ASLR and attempt to run code on a target system.
  • CVE-2017-14495 – A limited flaw this one, but can be exploited to launch a denial of service attack by exhausting memory. Dnsmasq is only vulnerable, however, if the command line switches –add-mac, –add-cpe-id or –add-subnet are used.
  • CVE-2017-14496 – Here the DNS code performs invalid boundary checks, allowing a system to be crashed using an integer underflow leading to a huge memcpy() call. Android systems are affected if the attacker is local or tethered directly to the device.
  • CVE-2017-13704 – A large DNS query can crash the software.

1.20B01 (2017-10-06)

Note:

  • The firmware version is advanced to v120b01
  • The firmware v120b01 must be upgraded from the transitional version of firmware v111b04.

Problems Resolved:

  • Fixed the following security issues
  • Add Firmware Protection to BIN file and System
  • WAN && LAN - XSS exploit (CVE-2017-14413, CVE-2017-14414, CVE-2017-14415, CVE-2017-14416)
  • WAN - Weak Cloud protocol (CVE-2017-14419, CVE-2017-14420)
  • WAN && LAN - Stunnel private keys (CVE-2017-14422)
  • WAN && LAN - Nonce brute forcing for DNS configuration (CVE-2017-14423)
  • Local - Weak files permission and credentials stored in clear text (CVE-2017-14424, CVE-2017-14425, CVE-2017-14426, CVE-2017-14427, CVE-2017-14428)
  • LAN – DoS attack against some daemons (CVE-2017-14430)
  • Security fixes to PHP CGI files to mitigate exposing credentials
  • Correct stack overflow vulnerability caused by HNAP

1.11B02 (2017-07-18)

Note:

  • Reported by: Igor Kirillov (i.kirillov at embedi dot com) from Embedi

Problems Resolved:

  • Cgibin file incorrectly parses parameters sent by POST-request thus it allows an unauthorized user to execute php-sqript which discloses admin login and password.

1.11B01 BETA01 G97I (2016-11-09)

Security Fix:

1.10.B07 (2016-08-23)

Enhancements:

  • Enhances USB performance
  • Enhances Wi-Fi Stability
  • Supports iQoS
  • Supports VLAN configuration
  • Improves IPv6 6-in-4 functionality

1.09.B14 (2016-04-04)

Problems Resolved:

  • USB performance enhancement
  • Wi-Fi stability enhancement
  • Support Orray DDNS
  • Added WPS Enable/Disable button on Management UI
  • IPv6 Auto-detection improvement
  • IPv6 Simple Security improvement.
  • Extends the number of rules from 15 to 24. (Static Route IPv4 and v6, Port Forwarding, Firewall IPv4 and v6,Virtual Server, Website Filter)
  • Add Schedule Reboot
  • Improved IPv6 compatibility with Android.
  • Improved compatibility with IE11 and Edge browser on Windows10

Fixed Security Vulnerability:

Enhancements:

  • The new firmware notification will not pop-up after log into management UI.
  • Wi-Fi client using WPA-TKIP will not be able to connect to the router afterconfigured operation mode 802.11n or 802.11ac only.
  • mydlink portal can’t be accessed while Captcha is enabled.