It may cause ARP table problems, if you connect more than one computer on the far end of a Client Bridge mode setup.
Request: the source of the site) Response to Dev Info.txt: Firmware External Version: V1.00 Firmware Internal Version: a86b Model Name: DIR-815 Hardware Version: WLAN Domain: xxx Kernel: 184.108.40.206 Language: en Graphcal Authentication: Disable LAN MAC: xx WAN MAC: xx WLAN MAC: xx These details are available without authentication.
============ Solution ============ DIR-645: Update to firmware v1.04b5 DIR-600: Update to firmware v2.16B01 DIR-300rev B: Update to firmware 2.14B01 fixes the authentication bypass but not the command injection vulnerability. ============ Credits ============ The vulnerability was discovered by Michael Messner Mail: devnull#at#s3cur1ty#dot#de Web: Twitter: @s3cur1ty_de ============ Time Line: ============ - discovered vulnerability in first device - contacted dlink via the webinterface - contacted Heise Security with details and Heisec forwarded the details to D-Link - D-link responded that they will check the findings - requested status update - requested status update and updated D-Link with the other vulnerable devices - D-Link responded that this is a security problem from the user and/or browser and they will not provide a fix.
It is backwards compatible with the IEEE 802.11b standard. It is WDS compatible and supports WMM (Qo S) to prioritize the traffic over the network.
A WPS button allows for easy wireless security configuration.
When the build process is done (yes, this could take several hours), flash the appropriate generated (openwrt-*-squashfs-factory.bin) file from web interface or from recovery mode (turn off; hold reset; turn on; go to or