Critical Vulnerability in D-Link NAS Devices Exposes Thousands to Exploitation

A serious security flaw has been found in several models of D-Link Network Attached Storage (NAS) devices. More than 92,000 of these devices may be at risk of exploitation by attackers. The issue, tracked as CVE-2024-3273, seriously endangers the security and privacy of users’ data.

“Netsecfish” identified the flaw, which resides in the nas_sharing.cgi URI of affected D-Link NAS models. It stems from two main issues:
– Hard-coded credentials that are the same on every device,
– A command injection flaw that lets attackers run their own commands and gain access to the devices without permission.

Attackers can exploit the flaw by sending malicious HTTP GET requests to the vulnerable devices’ /cgi-bin/nas_sharing.cgi endpoint. This could enable them to execute arbitrary commands on the devices, potentially compromising sensitive information stored within.
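A defender-side check for the requests described above, as an added example that is not part of the original article: it scans access logs from a reverse proxy or gateway in front of the NAS for requests to the endpoint and counts those coming from outside the local network. The Common/Combined Log Format, the internal address ranges, the function names and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter
from urllib.parse import unquote

ENDPOINT = "/cgi-bin/nas_sharing.cgi"  # endpoint named in the article
# Assumption: these ranges are the site's internal networks; adjust per site.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# Common/Combined Log Format: client, timestamp, request line, status.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')

def normalize(target):
    """Drop the query string, percent-decode, collapse slashes, lowercase."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/+", "/", path).lower()

def is_external(client):
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:
        return True  # hostname or garbage in the client field: do not trust it
    return not any(addr in net for net in INTERNAL)

def find_requests(lines):
    """Return (ip, timestamp, method, status, external) per request to ENDPOINT."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and normalize(m["target"]) == ENDPOINT:
            hits.append((m["ip"], m["ts"], m["method"],
                         int(m["status"]), is_external(m["ip"])))
    return hits

def external_sources(hits):
    """Count requests to the endpoint per external client address."""
    return Counter(h[0] for h in hits if h[4])

# Constructed sample lines; addresses are documentation ranges, queries are placeholders.
SAMPLE_LOG = [
    '192.168.1.20 - - [10/Apr/2024:09:12:01 +0000] "GET /cgi-bin/nas_sharing.cgi?x=PLACEHOLDER HTTP/1.1" 200 512',
    '203.0.113.45 - - [10/Apr/2024:09:15:44 +0000] "GET /cgi-bin/nas_sharing.cgi?x=PLACEHOLDER HTTP/1.1" 200 87',
    '203.0.113.45 - - [10/Apr/2024:09:15:46 +0000] "GET /cgi-bin/NAS_sharing.cgi?x=PLACEHOLDER HTTP/1.1" 200 87',
    '198.51.100.7 - - [10/Apr/2024:10:02:13 +0000] "GET /cgi-bin//nas%5Fsharing.cgi HTTP/1.1" 404 0',
    '198.51.100.7 - - [10/Apr/2024:10:02:15 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for ip, count in external_sources(find_requests(SAMPLE_LOG)).most_common():
        print(f"{ip}: {count} request(s) to {ENDPOINT} from outside the LAN")
```

Any external hit with a 200 status means the endpoint is reachable from the internet, which is the exposure the recommendations below say to eliminate.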

Affected Models:

Several older D-Link NAS models are impacted by this vulnerability. The affected models are DNS-320L, DNS-325, DNS-327L, and DNS-340L. These devices are no longer supported by the manufacturer and are now considered end-of-life (EOL), yet they are still in use by many people and businesses.

D-Link has acknowledged the existence of the vulnerability but has stated that no patches will be provided. These devices are no longer eligible for any kind of updates.

Recommendations for Users:

D-Link advises its users to replace the old, affected devices. Continuing to use the old devices may compromise security. It also advises updating devices to the latest software versions and changing passwords regularly to keep them safe. Additionally, users are strongly advised against exposing management interfaces to the internet to minimize the risk of exploitation.

In-the-Wild Exploitation:

Security organizations, including GreyNoise and Shadowserver, have reported instances of in-the-wild attempts to exploit the vulnerability. This shows how important it is for users to act quickly to protect their devices and information.
