1. Q:
    2. Security Advisory for WPA-2 Vulnerabilities
    1. A:
    2. On October 16th, researchers disclosed security vulnerabilities in the widely used standard for Wi-Fi security WPA2 (Wi-Fi Protected Access II) that make it possible for attackers to eavesdrop on Wi-Fi traffic. D-Link has immediately taken actions to investigate this matter. This security concern appears to be an industry-wide issue that will require firmware patches to be provided from the relevant semiconductor chipset manufacturers.

       

      D-Link has requested assistance from the chipset manufacturers. As soon as the firmware patches are received from the chipset manufacturers, we will post them on our websites immediately. Please take the following important actions to help protect your privacy:

       

      1. Is highly recommended to use encrypted communications protocols such as VPN or HTTPS, especially when delivering confidential information.

      2. Check our website regularly for the newest firmware updates.


      Important notice to D-Link product owners:

      Please note that your D-Link devices should only be vulnerable if the hacker is within wireless range of your network.

      To reduce the risk of being impacted by this WPA2 vulnerability issue, DWL, DAP, and DIR series products should have all WDS, wireless client, and extender modes disabled until the update patches are available.

      D-Link access points are not affected by this vulnerability if being used in Access Point mode.


      In addition, all access points under unified management with wireless controllers, Central Wi-Fi Manager or AP-Array SHOULD NOT BE AFFECTED.


      [Updated 11/29/17 for products sold in Canada]


       

      Associated CVE IDs for CERT/CC VU number: VU#228519

      • CVE-2017-13077
      • CVE-2017-13078
      • CVE-2017-13079
      • CVE-2017-13080
      • CVE-2017-13081
      • CVE-2017-13082


      The WPA2 protocol is ubiquitous in wireless networking. The vulnerabilities described are in the standard requiring a broad product-line and industry correction. Users are encouraged to install updates to affected products and hosts as they are available. For information about a specific product, check the table. Note that the table list below is not exhaustive, and we recommend to check back frequently over the next 30 days.

      These WPA-2 vulnerabilities affect the following Canadian products:


      TBC = To Be Confirmed


      Wireless Router, AP, Adapter, Power-Line (Updated: 2017-11-23)
      Model H/W Official 
      COVR-1300E A1 TBC
      COVR-3902 A1 TBC
      COVR-P2500 A1 TBC
      DAP-1320A1 A1 TBC
      DAP-1320B1 B1 TBC
      DAP-1320C1 C1 TBC
      DAP-1325/A1 A1 TBC
      DAP-1330 A1 TBC
      DAP-1360 A1 TBC
      DAP-1520 A1 TBC
      DAP-1530/A1 A1 TBC
      DAP-1610/A1 A1 TBC
      DAP-1620 A1/A2 TBC
      DAP-1650 A1/A2 TBC
      DAP-1665 B1 TBC
      DAP-1665 A1/A2 TBC
      DAP-1720 A1 TBC
      DAP-1860 A1 TBC
      DHP-W610AV A1 TBC
      DIR-865L A1 TBC
      DIR-880L A1/A2 TBC
      DIR-885L A1/A2 TBC
      DIR-895L A1/A2/A3 TBC
      DSP-W215 A2 TBC
      DWA-121 A1 TBC
      DWA-121 B1 TBC
      DWA-125 D1 TBC
      DWA-130 F1 TBC
      DWA-131 E1 TBC
      DWA-140 D1 TBC
      DWA-140 B3 TBC
      DWA-160 B2 TBC
      DWA-160 C1 TBC
      DWA-171A1 A1 TBC
      DWA-182 D1 TBC
      DWA-182C1 C1 TBC
      DWA-192 A1 TBC
      DWA-548 A1 TBC
      DWA-548 B1 TBC
      DWA-582 A1 TBC






      IP Cameras  2017-11-24 updated
      Model H/W Official 
      DCS-2130 A1 TBC
      DCS-2132L A1 TBC
      DCS-2132L B B1 TBC
      DCS-2136L A1 TBC
      DCS-2230L A A1 TBC
      DCS-2330L A1 TBC
      DCS-2332L A1 TBC
      DCS-2530L A2 TBC
      DCS-2670L A1 TBC
      DCS-5010L A1 TBC
      DCS-5020L A1 TBC
      DCS-5030L A1 TBC
      DCS-5222L A A3 TBC
      DCS-5222L B B2 TBC
      DCS-6005L A1 TBC
      DCS-700L A1 TBC
      DCS-8000LH A1 TBC
      DCS-800L A1 TBC
      DCS-825L A1 TBC
      DCS-850L A1 TBC
      DCS-930L A A3 TBC
      DCS-930L B B2 TBC
      DCS-931L A1 TBC
      DCS-932L A A1 TBC
      DCS-932L B B2 TBC
      DCS-933L A1 TBC
      DCS-935L A1 TBC
      DCS-936L A1 TBC
      DCS-942L A A3 TBC
      DCS-942L B B1 TBC
      DCS-960L A1 TBC
      DSH-C310  A1 TBC



      Access Points

      Model H/W Official 
      DAP-2230 Ax  2018/1
      DAP-2310 Bx 2018/1
      DAP-2330 Ax 2018/1
      DAP-2360 Bx 2017/12
      DAP-2553 Bx 2018/1
      DAP-2610 Ax  2017/12
      DAP-2660 Ax 2017/12
      DAP-2695 Ax 2018/1
      DAP-3320 Ax 2018/1
      DAP-3662 Ax 2018/1



       Mobile Product:

      Model H/W Official 
      DIR-506L A1 TBC



      Unified Wireless Product - Updated on 2017/11/23 


      The following Access Points are more likely to be affected by the WPA2 vulnerability issue if they are being used in wireless client or WDS mode.

      If the AP’s are being used in Access Point mode (the default mode), they should not be affected.




      Model H/W Official 
      DWL-3610AP A1 TBC
      DWL-6610AP B1 TBC
      DWL-6610AP A1 TBC
      DWL-6700AP A3 TBC
      DWL-8610AP Ax TBC
      DWL-8710AP A1 TBC








Did you find this article useful? Yes No