Support Announcements
(Non-US) DSL-3782 :: Rev. Ax :: FW v1.03 :: LAN-Side Unauthenticated Information Disclosure

Overview

On July 23, 2019,  a 3rd party reported a security vulnerability that affects the (non-US) DSL-3782,Hardware Revision A. This vulnerability allowed an malicious user to connected on the LAN-side of the device then could access the device configuration and credentials without being logged into the device.


3rd Party Report information


          - FTKahZModan :: wly353598996 _at_ qq _dot_ com

 

 Affected Models

 

Model  Revision Product Sourced Thru Affected FW Fixed FW Recommendation  Last Updated
DSL-3782 Ax Retail Purchase v1.01 & older EU_1.03_Beta Please Manually Update via Device Web-GUI 01/10/2020
DSL-3782 Ax WIND Telecom v1.01 & older WI_EU_Beta Please Contact Service Provider or Manually Update 01/10/2020
DSL-3782 Ax Taiwan Telecom (TT) v1.01 & older TT_1.10t_Beta Please Contact Service Provider or Manually Update 01/10/2020

  

Regarding Security patch for your D-Link Devices
 
Firmware updates address the security vulnerabilities in affected D-Link devices. D-Link will update this continually and we strongly recommend all users to install the relevant updates.
 
As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product next to the serial number. Alternatively, they can also be found on the device web configuration.