• Home Support Forums Security Advisories Shop     English | French
Security Announcement
Announcement > SAP10072
DIR-600M Rev. Cx :: CVE-2017-5874 :: CSRF/XSS Vulnerability Security Patch Released
Publication ID: SAP10072
Resolved Status: Yes
Published on: 21 March 2017 11:00 GMT
Last updated on: 21 March 2017 11:01 GMT

Summary:

 

Security Patch to close: CVE-2017-5874 :: DSM-600M Rev. Cx :: CSRF/XSS :: Authentication Bypass



3rd Party Reports:

 
AJAY KULAL :: ajayskulal  At  G mail :: Author of CVE-2017-5874
 
Ronit Yadav   :: thetouron At protonmail.com

Jay Thakker   :: Linked-In
 
 

Paches for Affected DIR-600M Rev. C

 

Firmware: Here :: Patch Version: DSM-600M C1_v3.05ENB01_beta_20170306

 

Release Notes: Here

 

NOTE: TO ENSURE YOUR PRODUCT HAS THE LATEST SECURITY UPDATES AND OPERATES AT OPTIMAL PERFORMANCE, IT IS RECOMMENDED YOU UPDATE YOUR PRODUCT TO THE LATEST FIRMWARE AFTER INSTALLATION AND TO PERIODICALLY CHECK FOR NEW FIRMWARE RELEASES.