⚠ Actively exploited
Added to CISA KEV on 2024-04-11. Federal agencies required to patch by 2024-05-02. Required action: This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.
CVE-2024-3272 — Hard-coded Credentials in D-link Dns-320l
Severity
9.8 CRITICAL (NVD)
EPSS
94.1%
top 0.09%
CISA KEV
KEV
Added 2024-04-11
Due 2024-05-02
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
Published: Apr 4
KEV added: Apr 11
KEV due: May 2
Description
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associ…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9
Affected Packages (8 packages)
Vulnerability Details
CVEList (3)
D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials (2024-04-04)
GHSA
GHSA-qr33-7mgh-rqvr: ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-3… (2024-04-04)
Exploits & PoCs
Nuclei (1)
D-Link Network Attached Storage - Backdoor Account