CVE-2024-3272
D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits: 2
Exploited in Wild: Yes
Decision
Descriptions
A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
A vulnerability was discovered in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. It was classified as very critical. Affected is an unknown process of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. Manipulating the argument user with the input messagebus with unknown data can be used to exploit a hard-coded credentials vulnerability. The attack can be carried out over the network. The exploit is publicly available.
D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contain a hard-coded credential that allows an attacker to conduct authenticated command injection, leading to remote, unauthorized code execution.
CVSS Scores
SSVC
- Decision: Act
Timeline
- 2024-04-03 CVE Reserved
- 2024-04-04 CVE Published
- 2024-04-08 First Exploit
- 2024-04-11 Exploited in Wild
- 2024-05-02 KEV Due Date
- 2024-08-01 CVE Updated
- 2024-11-11 EPSS Updated
CWE
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
https://vuldb.com/?id.259283 | Technical Description | |

URL | Date | SRC |
---|---|---|
https://github.com/nickswink/D-Link-NAS-Devices-Unauthenticated-RCE | 2024-04-08 | |
https://github.com/netsecfish/dlink | 2024-08-01 | |
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 | 2024-06-04 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Dlink | Dns-320l Firmware | - | - | Affected | in | Dlink | Dns-320l | - | - | Safe |
Dlink | Dns-120 Firmware | - | - | Affected | in | Dlink | Dns-120 | - | - | Safe |
Dlink | Dnr-202l Firmware | - | - | Affected | in | Dlink | Dnr-202l | - | - | Safe |
Dlink | Dns-315l Firmware | - | - | Affected | in | Dlink | Dns-315l | - | - | Safe |
Dlink | Dns-320 Firmware | - | - | Affected | in | Dlink | Dns-320 | - | - | Safe |
Dlink | Dns-320lw Firmware | - | - | Affected | in | Dlink | Dns-320lw | - | - | Safe |
Dlink | Dns-321 Firmware | - | - | Affected | in | Dlink | Dns-321 | - | - | Safe |
Dlink | Dnr-322l Firmware | - | - | Affected | in | Dlink | Dnr-322l | - | - | Safe |
Dlink | Dns-323 Firmware | - | - | Affected | in | Dlink | Dns-323 | - | - | Safe |
Dlink | Dns-325 Firmware | - | - | Affected | in | Dlink | Dns-325 | - | - | Safe |
Dlink | Dns-326 Firmware | - | - | Affected | in | Dlink | Dns-326 | - | - | Safe |
Dlink | Dns-327l Firmware | - | - | Affected | in | Dlink | Dns-327l | - | - | Safe |
Dlink | Dnr-326 Firmware | - | - | Affected | in | Dlink | Dnr-326 | - | - | Safe |
Dlink | Dns-340l Firmware | - | - | Affected | in | Dlink | Dns-340l | - | - | Safe |
Dlink | Dns-343 Firmware | - | - | Affected | in | Dlink | Dns-343 | - | - | Safe |
Dlink | Dns-345 Firmware | - | - | Affected | in | Dlink | Dns-345 | - | - | Safe |
Dlink | Dns-726-4 Firmware | - | - | Affected | in | Dlink | Dns-726-4 | - | - | Safe |
Dlink | Dns-1100-4 Firmware | - | - | Affected | in | Dlink | Dns-1100-4 | - | - | Safe |
Dlink | Dns-1200-05 Firmware | - | - | Affected | in | Dlink | Dns-1200-05 | - | - | Safe |
Dlink | Dns-1550-04 Firmware | - | - | Affected | in | Dlink | Dns-1550-04 | - | - | Safe |