Vulnerable D-Link NAS devices

A backdoor affecting over 92,000 exposed NAS devices from the company was recently discovered. There is no patch.


A researcher has discovered a vulnerability in the internal code of several models of Network Attached Storage (NAS) devices from D-Link. The researcher, nicknamed “Netsecfish”, explains that the issue is in the script “/cgi-bin/nas_sharing.cgi”, affecting the “HTTP GET Request Handler” component.

The two main issues that contribute to this vulnerability are tracked as CVE-2024-3273: a backdoor in the form of an account that exists in the source code (username: “messagebus” with an empty password), through which someone can enter commands.

According to the researcher: "Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the system, potentially leading to unauthorized access to sensitive information, modification of system configurations, or denial of service conditions."

The device models affected by CVE-2024-3273 are:

  • DNS-320L Version 1.11, Version 1.03.0904.2013, Version 1.01.0702.2013
  • DNS-325 Version 1.01
  • DNS-327L Version 1.09, Version 1.00.0409.2013
  • DNS-340L Version 1.08

Netsecfish says network scans show that over 92,000 vulnerable Internet-connected D-Link NAS devices are susceptible to attacks through these flaws. These particular devices are also sold in .

The researcher contacted D-Link about the flaw and asked when a patch would be released. The company said that these NAS devices had reached end of life (EOL) and were no longer supported.

D-Link therefore recommends retiring these products and replacing them with products that still receive firmware updates.

D-Link has created a dedicated support page for legacy devices, where owners can browse the archives to find the latest security and firmware updates.

Those who insist on using outdated hardware should at least apply the latest available updates, even if they don't address newly discovered issues like CVE-2024-3273.

In addition, NAS devices should never be exposed to the internet, as they are often a target for data theft or encryption by ransomware attacks.
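For owners who cannot retire a device immediately, the following added example (not from the researcher or D-Link) scans web or reverse-proxy access logs for requests to the script named above and flags any that carry the “messagebus” account or come from outside the local network. The internal address ranges, the common access-log format and the sample lines (with placeholder parameter names `p1`/`p2`) are assumptions.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, unquote

SCRIPT = "/cgi-bin/nas_sharing.cgi"  # script path named in the article
ACCOUNT = "messagebus"               # hardcoded account named in the article
# Assumption: these ranges count as "internal"; adjust to your own network.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# Common/combined access-log prefix: ip - - [time] "METHOD target PROTO" status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" (\d{3})')

def classify(line):
    """Return a finding dict for a request to the script, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    src, when, target, status = m.groups()
    path, _, query = target.partition("?")
    # Normalise percent-encoding, case and repeated slashes before comparing.
    if re.sub(r"/+", "/", unquote(path)).lower() != SCRIPT:
        return None
    # Parameter-name agnostic: look for the account in any query value.
    values = [v.lower() for _, v in parse_qsl(query, keep_blank_values=True)]
    uses_account = ACCOUNT in values
    try:
        ip = ipaddress.ip_address(src)
        external = not any(ip in net for net in INTERNAL)
    except ValueError:
        external = True  # unparsable source field: treat as untrusted
    severity = ("high" if uses_account and external
                else "medium" if uses_account or external else "low")
    return {"src": src, "time": when, "status": int(status),
            "uses_account": uses_account, "external": external,
            "severity": severity}

def scan(log_text):
    """Classify every line and keep only requests that touch the script."""
    return [f for f in map(classify, log_text.splitlines()) if f]

# Constructed sample lines; p1/p2 are placeholder parameter names.
SAMPLE_LOG = """\
198.51.100.7 - - [08/Apr/2024:10:01:02 +0000] "GET /cgi-bin/nas_sharing.cgi?p1=messagebus&p2= HTTP/1.1" 200 45
192.168.1.20 - - [08/Apr/2024:10:02:10 +0000] "GET /cgi-bin/nas_sharing.cgi?p1=alice HTTP/1.1" 200 120
203.0.113.9 - - [08/Apr/2024:10:03:44 +0000] "GET /cgi-bin//nas_sharing.cgi?p1=Message%62us HTTP/1.1" 200 45
192.168.1.20 - - [08/Apr/2024:10:04:00 +0000] "GET /index.html HTTP/1.1" 200 512
"""

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Any finding with `external` set means the device's web interface is reachable from outside the local network, which is the exposure the article advises against.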

Written by Dimitris
