⚠ Actively exploited
Added to CISA KEV on 2024-04-11. Federal agencies required to patch by 2024-05-02. Required action: This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.
CVE-2024-3273
Severity
9.8 CRITICAL
EPSS
94.4%
top 0.03%
CISA KEV
KEV
Added 2024-04-11
Due 2024-05-02
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
Published: Apr 4
KEV added: Apr 11
KEV due: May 2
Description
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. …
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Exploitability: 3.9 | Impact: 3.4
Affected Packages: 8 packages
Vulnerability Details
Exploits & PoCs (3)
Nuclei (1)
D-Link Network Attached Storage - Command Injection and Backdoor Account
Detection Rules
Suricata (1)
ET WEB_SPECIFIC_APPS D-Link NAS devices Backdoor Account Access and Command Injection Attempt (CVE-2024-3273) (2024-04-08)