Support Announcements
DCS-5020L :: HW Rev. Ax :: FW v1.14.09 :: Multiple vulnerabilities in Legacy MatrixSSL suite used in frimware


On November 7, 2017, a 3rd party accused the DCS-5020L of multiple vulnerabilities due to it using an older legacy software library by MatrixSSL, in the device firmware and GPL source package.   The Vulnerability was confirmed and a patch was issued too close the issue.  Please use your mydlink mobile application to up date to the latest firmware, or go to for alternative instructions.

3rd Party Report information


         Craig Young :: vuln-report _at_ secur3 _dot_ us


         MatrixSSL Vulnerability Disclosures
          -  CVE-2016-6892 :: Link
          -  CVE-2016-6891 :: Link
          -  CVE-2016-6890 :: Link
          -  Tripwire :: Link


 Affected Models


Model Hardware Revision Affected FW Fixed FW Recommendation  Last Updated
DCS-5020L All Ax Hardware Revisions v1.14.09  & Below v1.15.12 Please use mydlink mobile app to updated 07/25/2018


Regarding Security patch for your D-Link Devices
Firmware updates address the security vulnerabilities in affected D-Link devices. D-Link will update this continually and we strongly recommend all users to install the relevant updates.
As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product next to the serial number. Alternatively, they can also be found on the device web configuration.