Support Announcements
DIR-867-US Rev Ax / DIR-878 Rev Ax / DIR-882-US Rev Ax :: Generic Router DNS Cache Poisoning Caused by Infrastructure Protocol Vulnerability

Overview

 

On January 3, 2019, D-Link becamea aware of a 3rd Party security researcher that accused the DIR-878 Hardware Rev. Ax of a Generic Router DNS Cache Poisoning security flaw.

 

As D-Link investigated, and validated the report, and in coordination with the 3rd Party we have release the following Beta Hot-Fix which has a link below.

 

Firmware version that are created after this hot-fix, which you can reference version or release date, will include this hot-fix. We recommend always to keep up-to-date firmware which can be found  at https://support.dlink.com/ProductInfo.aspx?m=DIR-878

 
The Beta Hot-Fix has been throught the required cyber-security testing and software quality assurance for the specific issue.  This releases has not been through a complete cycle, nor will it be released as a fully qualified software release. 

D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. Please check the D-Link website for updates regularly.

  

3rd Party Report:

 

 GeekPwn Committee :: committee _at_ geekpwn _dot_ org

 

Affected Products and Fixes:

 

Model Revision Affected FW Fixed FW  Last Updated
DIR-867-US All Ax revisions v1.02b02 and below (older) v1.10b04 or by D-Link WiFi Mobile App 11/26/2019
DIR-878 All Ax revisions v1.12b01 and below (older) v1.20b05 or by D-Link WiFi Mobile App

11/20/2019

DIR-882-US All Ax revisions v1.11b01 and below (older) v1.20b06 or by D-Link WiFi Mobile App 11/26/2019

 

 

Regarding Security patch for your D-Link Devices
 
Firmware updates address the security vulnerabilities in affected D-Link devices. D-Link will update this continually and we strongly recommend all users to install the relevant updates.

 

Tto help better protect devices from security attacks, malware, and ransomware:

1. Keep device firmware up-to-date.

2. Any computer accessing information on this devices should have appropriate anti-virus protection and malware protection enabled

3. Regular back-ups of stored information on user devices should occur in case a disaster recovery is needed.

 
As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product next to the serial number. Alternatively, they can also be found on the device web configuration.