// For flags

CVE-2024-3272

D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

Yes
*KEV

Decision

Act
*SSVC
Descriptions

A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.

Se encontró una vulnerabilidad, que fue clasificada como muy crítica, en D-Link DNS-320L, DNS-325, DNS-327L y DNS-340L hasta 20240403. Este problema afecta a algunos procesamientos desconocidos de el archivo /cgi-bin/nas_sharing.cgi del componente HTTP GET Request Handler. La manipulación del argumento usuario con el bus de mensajes de entrada conduce a credenciales codificadas. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-259283. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contactó primeramente con el proveedor y se confirmó de inmediato que el producto ha llegado al final de su vida útil. Debería retirarse y reemplazarse.

Eine Schwachstelle wurde in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L bis 20240403 entdeckt. Sie wurde als sehr kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei /cgi-bin/nas_sharing.cgi der Komponente HTTP GET Request Handler. Mit der Manipulation des Arguments user mit der Eingabe messagebus mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.

D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct authenticated command injection, leading to remote, unauthorized code execution.

*Credits: netsecfish
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:Act
Exploitation
Active
Automatable
Yes
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2024-04-03 CVE Reserved
  • 2024-04-04 CVE Published
  • 2024-04-08 First Exploit
  • 2024-04-11 Exploited in Wild
  • 2024-05-02 KEV Due Date
  • 2024-08-01 CVE Updated
  • 2024-11-11 EPSS Updated
CWE
  • CWE-798: Use of Hard-coded Credentials
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Dlink
Search vendor "Dlink"
Dns-320l Firmware
Search vendor "Dlink" for product "Dns-320l Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-320l
Search vendor "Dlink" for product "Dns-320l"
--
Safe
Dlink
Search vendor "Dlink"
Dns-120 Firmware
Search vendor "Dlink" for product "Dns-120 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-120
Search vendor "Dlink" for product "Dns-120"
--
Safe
Dlink
Search vendor "Dlink"
Dnr-202l Firmware
Search vendor "Dlink" for product "Dnr-202l Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dnr-202l
Search vendor "Dlink" for product "Dnr-202l"
--
Safe
Dlink
Search vendor "Dlink"
Dns-315l Firmware
Search vendor "Dlink" for product "Dns-315l Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-315l
Search vendor "Dlink" for product "Dns-315l"
--
Safe
Dlink
Search vendor "Dlink"
Dns-320 Firmware
Search vendor "Dlink" for product "Dns-320 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-320
Search vendor "Dlink" for product "Dns-320"
--
Safe
Dlink
Search vendor "Dlink"
Dns-320lw Firmware
Search vendor "Dlink" for product "Dns-320lw Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-320lw
Search vendor "Dlink" for product "Dns-320lw"
--
Safe
Dlink
Search vendor "Dlink"
Dns-321 Firmware
Search vendor "Dlink" for product "Dns-321 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-321
Search vendor "Dlink" for product "Dns-321"
--
Safe
Dlink
Search vendor "Dlink"
Dnr-322l Firmware
Search vendor "Dlink" for product "Dnr-322l Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dnr-322l
Search vendor "Dlink" for product "Dnr-322l"
--
Safe
Dlink
Search vendor "Dlink"
Dns-323 Firmware
Search vendor "Dlink" for product "Dns-323 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-323
Search vendor "Dlink" for product "Dns-323"
--
Safe
Dlink
Search vendor "Dlink"
Dns-325 Firmware
Search vendor "Dlink" for product "Dns-325 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-325
Search vendor "Dlink" for product "Dns-325"
--
Safe
Dlink
Search vendor "Dlink"
Dns-326 Firmware
Search vendor "Dlink" for product "Dns-326 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-326
Search vendor "Dlink" for product "Dns-326"
--
Safe
Dlink
Search vendor "Dlink"
Dns-327l Firmware
Search vendor "Dlink" for product "Dns-327l Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-327l
Search vendor "Dlink" for product "Dns-327l"
--
Safe
Dlink
Search vendor "Dlink"
Dnr-326 Firmware
Search vendor "Dlink" for product "Dnr-326 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dnr-326
Search vendor "Dlink" for product "Dnr-326"
--
Safe
Dlink
Search vendor "Dlink"
Dns-340l Firmware
Search vendor "Dlink" for product "Dns-340l Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-340l
Search vendor "Dlink" for product "Dns-340l"
--
Safe
Dlink
Search vendor "Dlink"
Dns-343 Firmware
Search vendor "Dlink" for product "Dns-343 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-343
Search vendor "Dlink" for product "Dns-343"
--
Safe
Dlink
Search vendor "Dlink"
Dns-345 Firmware
Search vendor "Dlink" for product "Dns-345 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-345
Search vendor "Dlink" for product "Dns-345"
--
Safe
Dlink
Search vendor "Dlink"
Dns-726-4 Firmware
Search vendor "Dlink" for product "Dns-726-4 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-726-4
Search vendor "Dlink" for product "Dns-726-4"
--
Safe
Dlink
Search vendor "Dlink"
Dns-1100-4 Firmware
Search vendor "Dlink" for product "Dns-1100-4 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-1100-4
Search vendor "Dlink" for product "Dns-1100-4"
--
Safe
Dlink
Search vendor "Dlink"
Dns-1200-05 Firmware
Search vendor "Dlink" for product "Dns-1200-05 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-1200-05
Search vendor "Dlink" for product "Dns-1200-05"
--
Safe
Dlink
Search vendor "Dlink"
Dns-1550-04 Firmware
Search vendor "Dlink" for product "Dns-1550-04 Firmware"
--
Affected
in Dlink
Search vendor "Dlink"
Dns-1550-04
Search vendor "Dlink" for product "Dns-1550-04"
--
Safe
* End Of Life in some or all products. Do not expect updates.