Vulnerable D-Link NAS devices

A backdoor affecting over 92,000 exposed D-Link NAS devices has been discovered. No patch is available.


A researcher has discovered a vulnerability in the internal code of several models of D-Link Network Attached Storage (NAS) devices. The researcher, who goes by the nickname "Netsecfish", explains that the issue is in the script "/cgi-bin/nas_sharing.cgi" and affects the "HTTP GET Request Handler" component.

The two main issues that contribute to this vulnerability are tracked as CVE-2024-3273, which is a backdoor: through an account that exists in the source code (username "messagebus" with an empty password), someone can enter commands.

According to the researcher: "Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the system, potentially leading to unauthorized access to sensitive , modifying system configurations or denial of service conditions".

The device models affected by CVE-2024-3273 are:

  • DNS-320L Version 1.11, Version 1.03.0904.2013, Version 1.01.0702.2013
  • DNS-325 Version 1.01
  • DNS-327L Version 1.09, Version 1.00.0409.2013
  • DNS-340L Version 1.08

Netsecfish says network scans show that over 92,000 D-Link NAS devices connected to the internet are vulnerable to attacks through these flaws. The specific machines are also available in .


The researcher contacted D-Link about the flaw. When asked when a patch would be released, the company said that these NAS devices had reached end of life (EOL) and were no longer supported.

D-Link therefore recommends retiring these products and replacing them with products that still receive firmware updates.

D-Link has created a dedicated support page for legacy devices, where owners can browse the archives to find the latest security and firmware updates.

Those who insist on using obsolete devices should at least apply the latest available updates, even if they do not address newly discovered issues such as CVE-2024-3273.

In addition, NAS devices should never be exposed to the internet, as they are often a target for data theft or encryption by ransomware attacks.
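As an added example (not from the original article, the researcher or D-Link), the following Python code scans web access logs for GET requests to the script named above that carry the hardcoded account name, and notes whether the client was outside the local network. It assumes combined-log-format lines from a reverse proxy or web server in front of the NAS; the sample lines and the query parameter names in them are constructed placeholders.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, unquote

SCRIPT = "/cgi-bin/nas_sharing.cgi"  # script named in the article
BACKDOOR_USER = "messagebus"         # hardcoded account named in the article
LAN = [ipaddress.ip_network(n) for n in
       ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# Access-log prefix: client IP, timestamp, request line, status code.
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')
# Constructed sample lines; the parameter names are placeholders (assumption).
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Apr/2024:10:01:02 +0000] "GET /cgi-bin/nas_sharing.cgi?account=messagebus&secret= HTTP/1.1" 200 51',
    '192.168.1.20 - - [08/Apr/2024:10:02:00 +0000] "GET /cgi-bin/nas_sharing.cgi?account=alice&secret=x HTTP/1.1" 200 51',
    '198.51.100.9 - - [08/Apr/2024:10:03:00 +0000] "GET //cgi-bin/nas_sharing.cgi?account=%6dessagebus&secret= HTTP/1.1" 200 51',
    '192.168.1.20 - - [08/Apr/2024:10:04:00 +0000] "GET /index.html HTTP/1.1" 200 512',
]

def is_external(ip_text):
    """True when the client address is outside the private ranges in LAN."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:  # hostname or garbage in the client field
        return False
    return not any(ip in net for net in LAN)

def find_backdoor_requests(lines):
    """Return a finding for each GET to SCRIPT that names the backdoor account."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "GET":
            continue
        path, _, query = m["target"].partition("?")
        # Decode %xx and collapse repeated slashes before comparing the path.
        if re.sub(r"/+", "/", unquote(path)) != SCRIPT:
            continue
        # parse_qsl percent-decodes values; keep_blank_values keeps empty ones.
        params = parse_qsl(query, keep_blank_values=True)
        if not any(value == BACKDOOR_USER for _, value in params):
            continue
        findings.append({"ip": m["ip"], "time": m["ts"], "status": int(m["status"]),
                         "external": is_external(m["ip"]),
                         "empty_fields": [k for k, v in params if v == ""]})
    return findings

if __name__ == "__main__":
    print(find_backdoor_requests(SAMPLE_LOG))
```

Any finding with "external" set to true means the device is reachable from the internet and should be taken offline or placed behind a firewall.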

iGuRu.gr The Best Technology Site in Greece


Written by Dimitris
