CVE-2024-3273
Last modified
CVE-2024-3273 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. CISA has confirmed active exploitation in the wild. EPSS estimates a 100.00% chance of exploitation in the next 30 days.
Description
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
100.0th percentile
Probability of exploitation in the next 30 days. Learn more
Exploitation Status
This vulnerability is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by .
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dns-320l Firmware | 1.01.0702.2013 |
| Dlink | Dns-320l Firmware | 1.03.0904.2013 |
| Dlink | Dns-320l Firmware | 1.11 |
| Dlink | Dns-120 Firmware | All versions |
| Dlink | Dnr-202l Firmware | All versions |
| Dlink | Dns-315l Firmware | All versions |
| Dlink | Dns-320 Firmware | All versions |
| Dlink | Dns-320lw Firmware | All versions |
| Dlink | Dns-321 Firmware | All versions |
| Dlink | Dnr-322l Firmware | All versions |
| Dlink | Dns-323 Firmware | All versions |
| Dlink | Dns-325 Firmware | 1.01 |
| Dlink | Dns-326 Firmware | All versions |
| Dlink | Dns-327l Firmware | 1.00.0409.2013 |
| Dlink | Dns-327l Firmware | 1.09 |
| Dlink | Dnr-326 Firmware | All versions |
| Dlink | Dns-340l Firmware | 1.08 |
| Dlink | Dns-343 Firmware | All versions |
| Dlink | Dns-345 Firmware | All versions |
| Dlink | Dns-726-4 Firmware | All versions |
| Dlink | Dns-1100-4 Firmware | All versions |
| Dlink | Dns-1200-05 Firmware | All versions |
| Dlink | Dns-1550-04 Firmware | All versions |
References
- https://github.com/netsecfish/dlinkExploit, Third Party Advisory
- https://vuldb.com/?ctiid.259284Permissions Required, VDB Entry
- https://vuldb.com/?id.259284Third Party Advisory, VDB Entry
- https://vuldb.com/?submit.304661Third Party Advisory, VDB Entry
- https://github.com/netsecfish/dlinkExploit, Third Party Advisory
- https://vuldb.com/?ctiid.259284Permissions Required, VDB Entry
- https://vuldb.com/?id.259284Third Party Advisory, VDB Entry
- https://vuldb.com/?submit.304661Third Party Advisory, VDB Entry
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-3273US Government Resource
- https://www.greynoise.io/blog/cve-2024-3273-d-link-nas-rce-exploited-in-the-wildThird Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2024-3273?
How severe is CVE-2024-3273?
How do I fix CVE-2024-3273?
Are you affected by CVE-2024-3273?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST