Critical RCE Bug Exploited in Over 92,000 D-Link NAS Devices

Critical RCE vulnerability in over 92,000 D-Link NAS devices now exploited by attackers. Learn about the risks and D-Link's response to the flaw.

Over 92,000 D-Link Network Attached Storage (NAS) devices are currently exposed to a critical remote code execution (RCE) vulnerability, with attackers actively exploiting the flaw. The issue, identified as CVE-2024-3273, stems from a backdoor account with hardcoded credentials, coupled with a command injection vulnerability present in the devices’ firmware.

A security researcher known as ‘Netsecfish’ disclosed that the flaw lies in the ‘/cgi-bin/nas_sharing.cgi’ script of several D-Link NAS models, specifically in its HTTP GET request handler. An attacker can execute arbitrary commands remotely by chaining the two weaknesses: authenticating with the hardcoded backdoor account, then injecting commands through the “system” parameter.
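As an added illustration, not taken from the article or from D-Link, the Python snippet below shows how a defender could flag requests to the vulnerable script in a web server's access log: any request to `/cgi-bin/nas_sharing.cgi` is worth reviewing, and one that carries a `system` parameter matches the exploitation pattern described above. The log lines are constructed, and `<redacted>` / `<payload>` are placeholders for values the article does not give.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (Common Log Format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [08/Apr/2024:10:12:01 +0000] "GET /cgi-bin/nas_sharing.cgi?user=<redacted>&system=<payload> HTTP/1.1" 200 512
192.0.2.44 - - [08/Apr/2024:10:12:05 +0000] "GET /cgi-bin/nas_sharing.cgi?user=<redacted> HTTP/1.1" 200 233
192.0.2.44 - - [08/Apr/2024:10:13:09 +0000] "GET /index.html HTTP/1.1" 200 1024
198.51.100.9 - - [08/Apr/2024:10:15:30 +0000] "POST /cgi-bin/other.cgi HTTP/1.1" 302 0
203.0.113.7 - - [08/Apr/2024:10:16:44 +0000] "GET /cgi-bin/nas_sharing.cgi?system=<payload> HTTP/1.1" 200 77
"""

# Vulnerable script path named in the advisory; the request handler is HTTP GET.
VULN_SCRIPT = "/cgi-bin/nas_sharing.cgi"
INJECTION_PARAM = "system"

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def parse_line(line):
    """Parse one CLF line into a dict with path and query-parameter names, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    parts = urlsplit(entry["target"])
    entry["path"] = parts.path
    entry["params"] = {k.lower() for k in parse_qs(parts.query, keep_blank_values=True)}
    return entry

def classify(entry):
    """Return 'exploit_attempt', 'script_access', or None for an uninteresting line."""
    if entry is None or entry["path"] != VULN_SCRIPT:
        return None
    if INJECTION_PARAM in entry["params"]:
        return "exploit_attempt"
    return "script_access"

def scan(log_text):
    """Return (ip, timestamp, verdict, status) for every line that touches the script."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        verdict = classify(entry)
        if verdict:
            findings.append((entry["ip"], entry["ts"], verdict, entry["status"]))
    return findings

def attacking_sources(findings):
    """Source addresses that sent at least one request matching the exploit pattern."""
    return {ip for ip, _, verdict, _ in findings if verdict == "exploit_attempt"}

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
    print("sources to block/investigate:", attacking_sources(scan(SAMPLE_LOG)))
```

A device that answered a flagged request with a 2xx status should be treated as potentially compromised and isolated from the network rather than merely monitored.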

The impacted D-Link NAS models include DNS-320L, DNS-325, DNS-327L, and DNS-340L, across various firmware versions. Over 92,000 of these devices have been found exposed online, making them vulnerable to attacks exploiting these security flaws.

Attackers exploiting this vulnerability can run commands on the device remotely, potentially leading to unauthorized access, data theft, changes to the system configuration, or denial of service. Despite the severity of the situation, D-Link has stated that these devices have reached end of life (EOL) and will not receive patches or firmware updates to rectify the issue.

Because these models are end-of-life (EOL) and no longer supported, no firmware updates or patches will be released to address the vulnerabilities. D-Link recommends retiring the affected devices and replacing them with supported models that still receive regular security updates. The company has published a security bulletin and set up a support page for legacy devices to raise awareness of the issue. Users are advised to apply any available updates and to avoid exposing NAS devices directly to the internet, which limits exposure to flaws of this kind.

About the author

Rahul Gaur

Over the past 10 years of experience as a Content specialist, I've worked to build successful web publications focusing on SEO and researching, writing, editing and publishing content.
