D-Link DIR-645 Router Firmware Update 1.04B11

User Drivers » LAN / Network Adapter » D-Link »
Date Added: January 14, 2014 / Release Date: December 04, 2013 / Publisher:D-Link / File Size: 7.2 MB
OS: Mac OS, Windows

Download

Vulnerabilities Addressed:

  • Fix Admin Password will accepting and saving complex password, then not allow the user to use new complex password.
  • Fix Buffer overflow on "post_login.xml".
  • Fix Buffer overflow on "hedwig.cgi".
  • Fix Buffer overflow on "authentication.cgi".
  • Fix (CSRF) Cross-site scripting on "bind.php".
  • Fix (CSRF) Cross-site scripting on "info.php".
  • Fix (CSRF) Cross-site scripting on "bsc_sms_send.php".
  • Fix Web file access api getfile path could not include ../
  • Fix bypass authentication before scan direction in the router. (__ajax_explorer.sgi).
  • Fix curl -H "Cookie: uid=9gIdu6X6nF" -d
    "EVENT=%26%20telnetd%26" http://192.168.0.1/service.cgi would cause script injection issue to execute telentd.
  • Fix bypass authentication on version.php show too much router information.
  • Fix widget functions and remove the relative files like router_info.xml from unauthorized access.
  • Fix issue that disables telnetd after the router is not longer factory default.
  • Fix unauthorized post execute commands in the router by command.php.
  • Fix Vulnerabilities Discovered and Disclosure by Roberto Paleari <"roberto@greyhats.it">.
  • Fix Buffer overflow on "post_login.xml".
  • Fix Buffer overflow on "hedwig.cgi".
  • Fix Buffer overflow on "authentication.cgi".
  • Fix (CSRF) Cross-site scripting on "bind.php".
  • Fix (CSRF) Cross-site scripting on "info.php".
  • Fix (CSRF) Cross-site scripting on "bsc_sms_send.php".

Recent Drivers

D-Link DIR-615 RevE Router Firmware Update 5.11
D-Link DIR-645 Router Firmware Update 1.04B11
D-Link DIR-655 RevB Router Firmware Update 2.11
D-Link DIR-655 RevA Router Firmware Update 1.37
D-Link DIR-815 RevB Router Firmware Update 2.03B05