Developers: | D-Link |
Date of the premiere of the system: | 2018 |
Last Release Date: | 2020/06/16 |
Technology: | Firewall, Routers (routers) |
Content |
D-Link a DIR series — a line of wireless routers.
2020
Correction of three of six vulnerabilities in DIR-865L
The D-Link company released the update of a firmware correcting three of six vulnerabilities which were detected in the wireless router DIR-865L. It became known on June 16, 2020. One of uncorrected vulnerabilities is critical, and two others — dangerous. Problems can be exploited for accomplishment of any commands, plunder of confidential information, loading of malware or removal of data.
The D-Link DIR-865L model was produced in 2012 and for June, 2020 is not supported for consumers in the USA, but on official pages for the European countries the status of the "end of sales" model is specified. It means that the product cannot be purchased any more, but it is still supported by the supplier.
Experts of division of Unit 42 of Palo Alto Networks company at the end of February, 2020 detected a number of vulnerabilities in D-Link DIR-865L and announced them to the producer:
- CVE-2020-13782: incorrect neutralization of the special elements used in a command (implementation of commands). The problem received assessment in 9.8 points on a scale of CVSS (is not corrected).
- CVE-2020-13786: Cross-site substitution of requests (Cross-Site Request Forgery, CSRF). The problem received assessment in 8.8 points on a scale of CVSS (is corrected).
- CVE-2020-13785: Insufficiently reliable enciphering. The problem received assessment in 7.5 points on a scale of CVSS (is corrected).
- CVE-2020-13784: Predictable initial number in the pseudorandom number generator. The problem received assessment in 7.5 points on a scale of CVSS (is not corrected).
- CVE-2020-13783: Storage of confidential information in the clear text. The problem received assessment in 7.5 points on a scale of CVSS (is corrected).
- CVE-2020-13787: Transfer of confidential information in clear. The problem received assessment in 7.5 points on a scale of CVSS (is not corrected).
As specialists noted though vulnerability of implementation of commands received critical evaluation of danger from NVD, its use requires authentication. According to one of researchers, consolidation of some of these vulnerabilities is able to allow malefactors to intercept network traffic and to steal cookie-files of a session.
Thus criminals can get access to the administrative portal for file sharing that gives them the chance to load any harmful files, to download confidential files or to delete important data. They can also use the cookie-file for start of any commands and implementation DDoS-attacks.
D-Link reacted to the notification of experts with release of the beta of a firmware in which only three vulnerabilities were corrected. The company did not comment on the solution to release partial corrections[1].
Start of sales of the hardware version of the DIR-615 router
The company D-Link announced on March 11, 2020 the beginning of sales equipment room of the version of wireless router DIR-615/X. The router is implemented on a hardware platform, equipped with the modern software, created in Ryazan a research and development center D-Link, and conforms to relevant technical requirements to the equipment of access of century Internet. Innovation supports all relevant types IPv4/ IPv6- connections, different scenarios of connection IPTV, reservation WAN, can perform functions of the WISP repeater, access point, the wireless repeater or Wi-Fi- the client.
Characteristics of the wireless router DIR-615/X:
- RTL8196E processor;
- one WAN port 10/100BASE-TX and four LAN ports 10/100BASE-TX;
- the button for automatic installation of the protected wireless connection (WPS);
- speed of Wi-fi is up to 300 Mbps (IEEE 802.11n);
- WMM (Wi-Fi QoS);
- enciphering in the wireless network according to WPA/WPA2 standards.
DIR-615/X is executed in the compact black body of 13.1 x 13 x 3.4 cm in size and equipped with the external fixed omni-directional rotary antennas with dBi gain amount 5 providing a sure covering and high-quality acceptance of a signal in apartments with a difficult design and a large number of mobile devices.
The functionality of security includes filtering on IP/ URL to the MAC/-addresses, the firewall with connection supervision, protection against ARP-and DoS- the attacks. The device supports IPsec the pass-through function which allows to pass IPsec-traffic and to set VPN- connections from internal network. Yandex The.DNS service provides protection of users against harmful and fraudulent websites and allows to protect children and teenagers from visit of the websites capable to do harm to their health or development.
DIR-615/X is completely adapted for work with IPTV and provides high-quality reproduction of media content in a home network. IGMP Proxy, different options of use of VLAN and the UDPXY application for viewing IPTV on the mobile devices and TVs which are not supporting multi-address traffic is supported.
Function of passband limiting of Ethernet-ports and speed of wireless clients provides optimum allocation of network resources and comfortable work of several local users at the same time. For ensuring uninterrupted Internet access function of reservation of WAN is implemented. As an alternative channel of access any wire or wireless WAN connection of the router can be used.
For setup and management well free mobile application of D-Link Assistant for iOS and Android. Function of the automatic notification on emergence on the server of updates of D-Link of the next version of software with its subsequent installation is supported.
The built-in client of TR-069 for remote diagnostics and control of the router allowing Internet service providers to reduce costs, to increase customer service quality and to reduce load of technical support services contains the software of DIR-615/X. The service of customization of DIR-615/X including placement of a logo on the body, individual design of packaging, development of the built-in software taking into account specific requirements of the customer and adding of necessary functionality, for example, of the SLA agent for monitoring of operability of client networks is available to Internet service providers.
The DIR-615/X router already arrived on a warehouse of the company in Ryazan and is available to the order at official resellers of the company. The recommended price for end users is $21.
2019
The vulnerability in the interface of the gateway allowing to execute far off the code
On October 7, 2019 it became known that the researcher Thana Nguyen Nguyen from FortiGuard Labs published details about critical vulnerability of CVE-2019-16920 in a firmware of some routers from D-Link. The problem was detected in September, 2019, however the supplier will not release a patch.
The problem is connected with not authenticated implementation of commands and mentions a firmware of DIR-655, DIR-866L, DIR-652 and DHP-1565 routers. Vulnerability can be exploited by the malefactor by input of any characters in the interface of the gateway PingTest that will allow to execute far off the code and to completely compromise a system. Critical vulnerability got 9.8 points from 10 according to CVSS v3.1 and 10.0 points according to CVSS v2.0.
On September 22, 2019 the researcher announced a problem of D-Link company. The producer confirmed vulnerability, however in connection with the termination of support of devices does not intend to release a patch. With respect thereto to users of vulnerable routers of D-Link it is strongly recommended to replace devices with newer models[2].
AC1200 Wave 2 routers with support of MU-MIMO (DIR-825, DIR-842, DIR-841, DIR-822, DIR-815/R, DIR-815/S)
On February 7, 2019 the company D-Link provided a line of wireless dual-band routers AC1200 Wave 2 with MU-MIMO support. According to the producer, routers passed full-scale test and are recommended for use on high-speed tariff plans federal and regional internet-providers.
According to the statement of the producer, AC1200 Wave 2 routers are intended for the organization of wireless networks of the smart home with a large number of at the same time working strimingovy applications, including viewing IPTV, broadcasting from surveillance cameras in HD quality, work with "cloud" services and resources of media content. Devices are also recommended for use in the corporate and office wireless networks of the SMB/SOHO level with increased requirements to capacity and a large number of at the same time connected mobile devices.
According to the producer, the provided generation of routers of D-Link is implemented on a high-performance hardware platform based on the RTL8197F processor with clock rate of 1 GHz and the wireless module AC1200 Wave 2 providing up to 867 Mbps in the range of 5 GHz and up to 300 Mbps in 2.4 GHz. The line of routers is provided by the following models:
- DIR-825 with WAN port of 1000 Mbps, 4 LAN ports of 1000 Mbps, multifunction port USB 2.0 and 4 external antennas 5 dBi;
- DIR-842 with WAN port of 1000 Mbps, 4 LAN ports of 1000 Mbps and 4 external antennas 5 dBi;
- DIR-841 with WAN port of 1000 Mbps, 4 LAN ports of 100 Mbps and 4 external antennas 5 dBi;
- DIR-822 with WAN port of 100 Mbps, 4 LAN ports of 100 Mbps and 4 external antennas 5 dBi;
- DIR-815/R with WAN port of 100 Mbps, 4 LAN ports 100 Mbit / c, multifunction port USB 2.0 and 4 external antennas 5 dBi;
- DIR-815/S with WAN port of 100 Mbps, 4 LAN ports 100 Mbit / c and 4 internal antennas 3.5 dBi.
As noted in D-Link, routers are optimized for work in premises with a difficult design and a large number of mobile devices. The technology of formation of the sent wireless signal of TX Beamforming increases quality of Wi-Fi-connections for client devices which are far from the router and worse accept a signal. Support of MU-MIMO allows to increase capacity of a wireless network due to simultaneous data transmission to several devices at once. In such network modern smartphones and tablets with support 802.11ac Wave 2 will be able to implement the high-speed opportunities to the maximum. For PC users and notebooks with wireless modules 802.11n the dual-band AC1300 USB adapter with support of MU-MIMO DWA-182 is recommended.
All models support function of intellectual distribution of clients of Smart Wi-fi and can be used for the organization of uniform wireless space based on several routers of D-Link. The Smart Wi-fi function allows the wireless client to be connected timely to the router with the highest level of a signal, providing increase in a coverage of Wi-fi, liquidation of "dead bands" and the best possible speed of connection in any point of a coverage, the producer claims.
According to D-Link, AC1200 Wave 2 routers are completely adapted for work with IPTV and provide high-quality reproduction in a home network of various media content. IGMP Proxy, different options of use of VLAN, the UDPXY application for viewing IPTV on mobile devices and TVs of Smart TV which are not supporting multi-address traffic is supported.
The multifunction USB port in the DIR-825 and DIR-815/R models supports connection USB drives, printers and 3G/LTE- modems. The built-in torrent-client allows to download files on the USB drive without use of the PC, and media server of DLNA – to broadcast the loaded media content on smartphones, tablets and Smart TV. It is possible deleted access to the drive on to protocols FTP or SMB. At connection of the USB modem of the device support reservation of channels of access in Internet: in case of problems on the line of the basic wire provider the router automatically switches to reserve 3G/LTE-connection, noted in D-Link.
mobile application D-Link Assistant is available to setup and management. The application, according to the producer, will help to configure Internet connection, a wireless network and IPTV, to include guest network Wi-fi, to block the websites, undesirable to the child, with the help URL- the filter or service Yandex. DNS to configure VPN- tunnels, probros ports, to switch-off indicators and many other things.
The software of routers is developed in the Russian Research and development center of D-Link taking into account requirements and on the basis of experience of cooperation with federal and regional Internet service providers. As the producer noted, AC1200 Wave 2 routers are completely adapted for work on modern tariff plans of providers. The DIR-822, DIR-815/R and DIR-815/S models provide capacity more than 95 Mbps on any types of connection. Capacity of gigabit DIR-825, DIR-842, DIR-841 models reaches 900 Mbps.
According to information for February, 2019 routers are available to the order at official resellers of the company. Recommended retail price: DIR-825/R – $61; DIR-842/R – $59; DIR-841 – $52; DIR-815/R – $48; DIR-822/R – $46; DIR-815/S – $43.
2018
The module of content filtering SkyDNS in D-Link DIR-853, DIR-878 and DIR-882
The producer of network equipment D-Link together with the cloud SkyDNS content filter was expanded by possibilities of routers of D-Link to make the Internet it is safer for their users and provided SkyDNS content filtering module. On December 13, 2018 the SkyDNS company reported about it.
Constantly growing number of users on the Internet opens the wide field for activity of swindlers and hackers. Every day in network there are new dangerous resources propagandizing a suicide, the websites the selling drugs, the harmful websites with viruses and trojans. For this reason, according to developers, there is a permanent need for improvement of protection of home users and business from actions of malefactors on the Internet.
According to developers, the D-Link DIR-853, D-Link DIR-878 and D-Link DIR-882 routers became safer due to emergence of the module of content filtering of SkyDNS. Thanks to features of SkyDNS service, not the just harmful content which already got to a local network is blocked, and harmful data at the request level to them are blocked. The cloud SkyDNS system allows to protect any number of smartphones and computers of all types connected to the router without installation of any programs at the same time offering enhanced capabilities of access control in the Internet and Internet security at the level of the router.
According to the statement of SkyDNS, the solution SkyDNS opens additional opportunities:
- Setup of filtering on more than 60 thematic categories and the separate websites from black and white lists.
- An opportunity to set to each device connected to the router of D-Link the settings of filtering, time of Internet access and the schedule of filtering.
- Use of the safe mode for YouTube – all videos with age restrictions are filtered.
- Forced inclusion of safe search modes in search systems Yandex Google, Bing or a possibility of use of own safe search of SkyDNS.
- Statistics of use the Internet on each device with a detailed report about the blocked and open websites.
- Blocking of the majority of types of Internet advertizing without additional plug-ins or programs.
- Additional functions of the notification allow to react quickly if in network there were devices infected with viruses or the router was switched-off from service of filtering.
The quality of filtering of Internet resources and harmful content is provided with own SkyDNS system for an automatic categorization and identification of harmful Internet nodes on the Internet. The SkyDNS base which is dynamically created and updated every day, contains for December, 2018 over 105 million websites that covers, according to the developer, all resources and resources requested by users of service seen in network.
According to information provided to D-Link it is possible to load updated software for the D-Link DIR-853, D-Link DIR-878 and D-Link DIR-882 routers with the provided functions on the website of D-Link, or to use function of autoupdating of a firmware in the WEB interface of the router. Also the D-Link company in 2019 is going to deliver routers with already updated firmware and the module of content filtering SkyDNS.
D-Link and SkyDNS consider that routers of D-Link with SkyDNS filtering – the reliable solution for protection of home users, small offices and educational institutions. Safe connection will allow to protect children from unnecessary and dangerous information, and will provide to parents comfortable use of the Internet without importunate advertizing and actions of swindlers on all devices. The solution will provide an additional layer of protection against Internet threats for business and will give the instrument of increase in efficiency of employees through blocking of the websites, not target for work.
N300 DIR-615/T
On March 6, 2018 the D-Link company provided the wireless router N300 DIR-615/T. The model is implemented based on the updated hardware platform and equipped with the software which is specially developed in the Ryazan Research and development center of D-Link for compliance of the device to technical requirements to the equipment of Internet access.
The device supports all relevant types IPv4/ IPv6- connections, different scenarios of connection IPTV, reservation WAN, technology of intellectual distribution of wireless clients of Smart Wi-Fi and also can perform functions of the WISP repeater, access point, the wireless repeater or the Wi-Fi-client.
DIR-615/T is equipped with WAN port 10/100BASE-TX and 4 LAN ports 10/100BASE-TX. The mode of automatic installation of the protected wireless connection (WPS) is provided.
The router supports wireless connection with speed up to 300 Mbps, mechanisms enciphering according to the WEP, WPA/WPA2 standards, guest network Wi-fi. The functionality of security includes filtering on IP/ URL to the MAC/-addresses, firewall with connection supervision, protection against ARP-and the DoS-attacks. The Yandex.DNS service allows to provide protection of users against harmful and fraudulent websites and to limit access for children and teenagers to "adult" materials.
For the purpose of optimum allocation of network resources and comfortable simultaneous operation of local users function of passband limiting of Ethernet-ports and canals of wireless clients is provided.
For increase in network reliability and an exception of cases of a sudden rupture of connection with the Internet function of reservation of WAN is implemented. As an alternative channel of access it is possible to use any wire or wireless WAN connection of the router.
DIR-615/T is executed in the compact stylish body of black color with the external fixed omni-directional rotary antennas with dBi gain amount 5 providing a sure covering and high-quality acceptance of a signal in apartments with a difficult design and a large number of mobile devices.
DIR-615/T supports technology of intellectual distribution of wireless clients of Smart Wi-fi and can be used at the organization of uniform wireless space Wi-Fi based on several routers of D-Link. The Smart Wi-fi technology allows to switch automatically the wireless client to the router with the highest level of a signal for a stable covering of Wi-fi and maximum speed of connection in any point of a coverage.
DIR-615/T supports IGMP Proxy and different options of use of VLAN, creating comfortable conditions for work with IPTV and reproduction in a home network of various media content from the Internet. Thanks to the UDPXY built-in application it is possible to broadcast video and audio streams from the IPTV channel of provider on the devices of a local network which are not supporting multi-address traffic, for example, TVs, video game consoles, audioplayers.
Setup and management of DIR-615/T are performed by the user in the step-by-step mode using the intuitive Russian-language Web interface and do not require special knowledge. Function of the automatic notification will timely notify the user on emergence on the server of updates of D-Link of the version of the built-in software with its subsequent installation. Besides for connection of the router to the Internet and setup of home or office wireless network it is possible to use free mobile application of D-Link Click'n'Connect for devices based on Android.