cve-2024-3272
Vulnerability from cvelistv5
Published
2024-04-04 01:00
Modified
2024-08-01 20:05
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS score ?
Summary
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@vuldb.com | https://github.com/netsecfish/dlink | Exploit, Third Party Advisory | |
| cna@vuldb.com | https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 | Vendor Advisory | |
| cna@vuldb.com | https://vuldb.com/?ctiid.259283 | Permissions Required | |
| cna@vuldb.com | https://vuldb.com/?id.259283 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/netsecfish/dlink | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?ctiid.259283 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.259283 | Third Party Advisory |
Impacted products
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2024-04-11
Due date: 2024-05-02
Required action: This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.
Used in ransomware: Unknown
Notes: https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383; https://nvd.nist.gov/vuln/detail/CVE-2024-3272
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dlink:dns-320l_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dns-320l_firmware",
"vendor": "dlink",
"versions": [
{
"status": "affected",
"version": "20240403"
}
]
},
{
"cpes": [
"cpe:2.3:o:dlink:dns-325_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dns-325_firmware",
"vendor": "dlink",
"versions": [
{
"status": "affected",
"version": "20240403"
}
]
},
{
"cpes": [
"cpe:2.3:o:dlink:dns-327l_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dns-327l_firmware",
"vendor": "dlink",
"versions": [
{
"status": "affected",
"version": "20240403"
}
]
},
{
"cpes": [
"cpe:2.3:o:dlink:dns-340l_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dns-340l_firmware",
"vendor": "dlink",
"versions": [
{
"status": "affected",
"version": "20240403"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3272",
"options": [
{
"Exploitation": "Active"
},
{
"Automatable": "Yes"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-12T04:00:39.050176Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-04-11",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-3272"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:32:58.315Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:05:08.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-259283 | D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials",
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.259283"
},
{
"name": "VDB-259283 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.259283"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://github.com/netsecfish/dlink"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP GET Request Handler"
],
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20240403"
}
]
},
{
"modules": [
"HTTP GET Request Handler"
],
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20240403"
}
]
},
{
"modules": [
"HTTP GET Request Handler"
],
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20240403"
}
]
},
{
"modules": [
"HTTP GET Request Handler"
],
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20240403"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "netsecfish"
}
],
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L bis 20240403 entdeckt. Sie wurde als sehr kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei /cgi-bin/nas_sharing.cgi der Komponente HTTP GET Request Handler. Mit der Manipulation des Arguments user mit der Eingabe messagebus mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 10,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-11T09:44:24.119Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-259283 | D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.259283"
},
{
"name": "VDB-259283 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.259283"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/netsecfish/dlink"
},
{
"tags": [
"related"
],
"url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2024-04-03T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-04-03T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-04-11T11:49:12.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3272",
"datePublished": "2024-04-04T01:00:05.740Z",
"dateReserved": "2024-04-03T18:21:29.925Z",
"dateUpdated": "2024-08-01T20:05:08.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2024-3272",
"cwes": "[\"CWE-798\"]",
"dateAdded": "2024-04-11",
"dueDate": "2024-05-02",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383; https://nvd.nist.gov/vuln/detail/CVE-2024-3272",
"product": "Multiple NAS Devices",
"requiredAction": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.",
"shortDescription": "D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct authenticated command injection, leading to remote, unauthorized code execution.",
"vendorProject": "D-Link",
"vulnerabilityName": "D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability"
},
"fkie_nvd": {
"cisaActionDue": "2024-05-02",
"cisaExploitAdd": "2024-04-11",
"cisaRequiredAction": "This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.",
"cisaVulnerabilityName": "D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability",
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-320l_firmware:1.01.0702.2013:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F733CFC-CB96-46B0-AE7E-21822560C774\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-320l_firmware:1.03.0904.2013:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93290C71-4CDF-4645-AB29-49E832AE6BF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-320l_firmware:1.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91A5ABBE-0AC8-47CB-B420-3C68020B9132\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-320l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C677E53-6885-4EC4-A7CC-E24E8F445F59\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-120_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C44BE2C6-BF3E-43C3-B32F-2DCE756F94BC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E161E54-2FE9-4359-9B2D-8700D00DE8E7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dnr-202l_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96195649-172A-4C21-AA15-7B05F86C5CEC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dnr-202l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07A92F2C-16FD-4A53-8066-83FEC2818DF5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-315l_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8CFCD7B-EFFB-4FAB-9537-46AC7B567126\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-315l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03C5CED7-55A7-4026-95CD-A2ADB5853823\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-320_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4452F9A4-3A0A-4773-9818-04C94CF9F8E7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0F5355E-F68D-49FE-9793-1FD9BD9AF3E1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-320lw_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FE78C5B-2A98-47EE-BF67-CF58AFE50A37\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45467ABC-BAA9-4EB0-9F97-92E31854CA8B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-321:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A278BC9-6197-43D9-93C2-3DF760856FB7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-321_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC28053F-88A9-4CA1-A2A2-CC90FEEA68FC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dnr-322l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DAF62A4-2429-4B89-8FAD-8B23EF15E050\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dnr-322l_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD3AD5EE-8E1E-4336-A1AB-AB028CC71286\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-323_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"641CB5F1-3DE0-480B-95A4-FC42A8FF3C97\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-323:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"94ED678A-AB4C-4637-B0D8-C232A0BB5D5F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-325_firmware:1.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F42F8AA8-30F9-46D9-92D9-CF8876E04FFA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-325:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8042169D-D9FA-4BD6-90D1-E0DE269E42B9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-326_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5E6F048-D865-4378-87C7-B0E528134276\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-326:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D26F4F77-A6E3-4D7D-A781-BEB5FF7BC44F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-327l_firmware:1.00.0409.2013:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"288DA5DF-BC45-4B81-82C6-9E78417F415B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-327l_firmware:1.09:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45D36608-4CCB-4B4F-AC7C-AB925817FF83\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-327l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB305B29-7F89-4A52-9ECF-3DB0BDD2350D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dnr-326_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"816E5F34-CE76-49E5-91F3-8CC84C561558\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33CB308B-CF82-4E40-B2DC-23EBD48CD130\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-340l_firmware:1.08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A2A09C0-1495-4999-A2B2-CE3474A02CC8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-340l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0646B20C-5642-4CEA-A96C-7E82AD94A281\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-343:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F968791D-D3BD-442C-818E-4E878B12776D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-343_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD656642-EDD4-4EB2-81AB-04207BC14196\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-345:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7E56821-7EA0-4CA1-BA17-7FD4ED9F794C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-345_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12C5E2D7-018E-4ED1-92C7-B5B1D8CC6990\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-726-4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75E5010F-21BA-4B6B-B00C-2688268FD67B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-726-4_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A74D270-9076-474D-A06F-C915FCEA2164\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-1100-4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5D08ED7-3E7F-4D30-890E-6535F6C34682\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-1100-4_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CAFE1E3-B705-4CF1-AEB9-A474432B6D34\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-1200-05:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D042C75D-6731-46B2-B11E-A009B9029B3F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-1200-05_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42DA6DEB-3578-44A5-916F-1628141F0DDE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-1550-04:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E691E775-382C-4BA9-AA44-FBC3148D3E54\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-1550-04_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2C1EF70-AD9B-48D7-8DF6-A6416C517F12\"}]}]}]",
"cveTags": "[{\"sourceIdentifier\": \"cna@vuldb.com\", \"tags\": [\"unsupported-when-assigned\"]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\"}, {\"lang\": \"es\", \"value\": \"** NO COMPATIBLE CUANDO SE ASIGN\\u00d3 ** Se encontr\\u00f3 una vulnerabilidad, que fue clasificada como muy cr\\u00edtica, en D-Link DNS-320L, DNS-325, DNS-327L y DNS-340L hasta 20240403. Este problema afecta a algunos procesamientos desconocidos de el archivo /cgi-bin/nas_sharing.cgi del componente HTTP GET Request Handler. La manipulaci\\u00f3n del argumento usuario con el bus de mensajes de entrada conduce a credenciales codificadas. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-259283. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contact\\u00f3 primeramente con el proveedor y se confirm\\u00f3 de inmediato que el producto ha llegado al final de su vida \\u00fatil. Deber\\u00eda retirarse y reemplazarse.\"}]",
"id": "CVE-2024-3272",
"lastModified": "2024-11-29T16:45:43.063",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"cna@vuldb.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"cna@vuldb.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2024-04-04T01:15:50.123",
"references": "[{\"url\": \"https://github.com/netsecfish/dlink\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://vuldb.com/?ctiid.259283\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://vuldb.com/?id.259283\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/netsecfish/dlink\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://vuldb.com/?ctiid.259283\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://vuldb.com/?id.259283\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Analyzed",
"weaknesses": "[{\"source\": \"cna@vuldb.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-798\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-3272\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2024-04-04T01:15:50.123\",\"lastModified\":\"2024-11-29T16:45:43.063\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[{\"sourceIdentifier\":\"cna@vuldb.com\",\"tags\":[\"unsupported-when-assigned\"]}],\"descriptions\":[{\"lang\":\"en\",\"value\":\"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\"},{\"lang\":\"es\",\"value\":\"** NO COMPATIBLE CUANDO SE ASIGN\u00d3 ** Se encontr\u00f3 una vulnerabilidad, que fue clasificada como muy cr\u00edtica, en D-Link DNS-320L, DNS-325, DNS-327L y DNS-340L hasta 20240403. Este problema afecta a algunos procesamientos desconocidos de el archivo /cgi-bin/nas_sharing.cgi del componente HTTP GET Request Handler. La manipulaci\u00f3n del argumento usuario con el bus de mensajes de entrada conduce a credenciales codificadas. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-259283. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contact\u00f3 primeramente con el proveedor y se confirm\u00f3 de inmediato que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2024-04-11\",\"cisaActionDue\":\"2024-05-02\",\"cisaRequiredAction\":\"This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.\",\"cisaVulnerabilityName\":\"D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability\",\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-320l_firmware:1.01.0702.2013:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F733CFC-CB96-46B0-AE7E-21822560C774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-320l_firmware:1.03.0904.2013:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93290C71-4CDF-4645-AB29-49E832AE6BF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-320l_firmware:1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91A5ABBE-0AC8-47CB-B420-3C68020B9132\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-320l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C677E53-6885-4EC4-A7CC-E24E8F445F59\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-120_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C44BE2C6-BF3E-43C3-B32F-2DCE756F94BC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E161E54-2FE9-4359-9B2D-8700D00DE8E7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dnr-202l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96195649-172A-4C21-AA15-7B05F86C5CEC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dnr-202l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07A92F2C-16FD-4A53-8066-83FEC2818DF5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-315l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8CFCD7B-EFFB-4FAB-9537-46AC7B567126\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-315l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03C5CED7-55A7-4026-95CD-A2ADB5853823\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-320_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4452F9A4-3A0A-4773-9818-04C94CF9F8E7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0F5355E-F68D-49FE-9793-1FD9BD9AF3E1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-320lw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FE78C5B-2A98-47EE-BF67-CF58AFE50A37\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45467ABC-BAA9-4EB0-9F97-92E31854CA8B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-321:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A278BC9-6197-43D9-93C2-3DF760856FB7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-321_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC28053F-88A9-4CA1-A2A2-CC90FEEA68FC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dnr-322l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DAF62A4-2429-4B89-8FAD-8B23EF15E050\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dnr-322l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD3AD5EE-8E1E-4336-A1AB-AB028CC71286\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-323_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"641CB5F1-3DE0-480B-95A4-FC42A8FF3C97\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-323:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94ED678A-AB4C-4637-B0D8-C232A0BB5D5F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-325_firmware:1.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F42F8AA8-30F9-46D9-92D9-CF8876E04FFA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-325:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8042169D-D9FA-4BD6-90D1-E0DE269E42B9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-326_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E6F048-D865-4378-87C7-B0E528134276\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-326:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D26F4F77-A6E3-4D7D-A781-BEB5FF7BC44F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-327l_firmware:1.00.0409.2013:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"288DA5DF-BC45-4B81-82C6-9E78417F415B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-327l_firmware:1.09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D36608-4CCB-4B4F-AC7C-AB925817FF83\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-327l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB305B29-7F89-4A52-9ECF-3DB0BDD2350D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dnr-326_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"816E5F34-CE76-49E5-91F3-8CC84C561558\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33CB308B-CF82-4E40-B2DC-23EBD48CD130\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-340l_firmware:1.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A2A09C0-1495-4999-A2B2-CE3474A02CC8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-340l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0646B20C-5642-4CEA-A96C-7E82AD94A281\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-343:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F968791D-D3BD-442C-818E-4E878B12776D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-343_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD656642-EDD4-4EB2-81AB-04207BC14196\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-345:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7E56821-7EA0-4CA1-BA17-7FD4ED9F794C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-345_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12C5E2D7-018E-4ED1-92C7-B5B1D8CC6990\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-726-4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75E5010F-21BA-4B6B-B00C-2688268FD67B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-726-4_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A74D270-9076-474D-A06F-C915FCEA2164\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-1100-4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5D08ED7-3E7F-4D30-890E-6535F6C34682\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-1100-4_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CAFE1E3-B705-4CF1-AEB9-A474432B6D34\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-1200-05:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D042C75D-6731-46B2-B11E-A009B9029B3F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-1200-05_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42DA6DEB-3578-44A5-916F-1628141F0DDE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-1550-04:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E691E775-382C-4BA9-AA44-FBC3148D3E54\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-1550-04_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2C1EF70-AD9B-48D7-8DF6-A6416C517F12\"}]}]}],\"references\":[{\"url\":\"https://github.com/netsecfish/dlink\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://vuldb.com/?ctiid.259283\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://vuldb.com/?id.259283\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/netsecfish/dlink\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://vuldb.com/?ctiid.259283\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://vuldb.com/?id.259283\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://vuldb.com/?id.259283\", \"name\": \"VDB-259283 | D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials\", \"tags\": [\"vdb-entry\", \"technical-description\", \"x_transferred\"]}, {\"url\": \"https://vuldb.com/?ctiid.259283\", \"name\": \"VDB-259283 | CTI Indicators (IOB, IOC, TTP, IOA)\", \"tags\": [\"signature\", \"permissions-required\", \"x_transferred\"]}, {\"url\": \"https://github.com/netsecfish/dlink\", \"tags\": [\"exploit\", \"x_transferred\"]}, {\"url\": \"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383\", \"tags\": [\"related\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T20:05:08.352Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-3272\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"Active\"}, {\"Automatable\": \"Yes\"}, {\"Technical Impact\": \"Total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-12T04:00:39.050176Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2024-04-11\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-3272\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:dlink:dns-320l_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"dlink\", \"product\": \"dns-320l_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240403\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:dlink:dns-325_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"dlink\", \"product\": \"dns-325_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240403\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:dlink:dns-327l_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"dlink\", \"product\": \"dns-327l_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240403\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:dlink:dns-340l_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"dlink\", \"product\": \"dns-340l_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240403\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-04-29T19:19:51.232Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"tags\": [\"unsupported-when-assigned\"], \"title\": \"D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"netsecfish\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 10, \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\"}}], \"affected\": [{\"vendor\": \"D-Link\", \"modules\": [\"HTTP GET Request Handler\"], \"product\": \"DNS-320L\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240403\"}]}, {\"vendor\": \"D-Link\", \"modules\": [\"HTTP GET Request Handler\"], \"product\": \"DNS-325\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240403\"}]}, {\"vendor\": \"D-Link\", \"modules\": [\"HTTP GET Request Handler\"], \"product\": \"DNS-327L\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240403\"}]}, {\"vendor\": \"D-Link\", \"modules\": [\"HTTP GET Request Handler\"], \"product\": \"DNS-340L\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240403\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-04-03T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2024-04-03T02:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2024-04-11T11:49:12.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.259283\", \"name\": \"VDB-259283 | D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials\", \"tags\": [\"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://vuldb.com/?ctiid.259283\", \"name\": \"VDB-259283 | CTI Indicators (IOB, IOC, TTP, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://github.com/netsecfish/dlink\", \"tags\": [\"exploit\"]}, {\"url\": \"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383\", \"tags\": [\"related\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\"}, {\"lang\": \"de\", \"value\": \"Eine Schwachstelle wurde in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L bis 20240403 entdeckt. Sie wurde als sehr kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei /cgi-bin/nas_sharing.cgi der Komponente HTTP GET Request Handler. Mit der Manipulation des Arguments user mit der Eingabe messagebus mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \\u00fcber das Netzwerk erfolgen. Der Exploit steht zur \\u00f6ffentlichen Verf\\u00fcgung.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-798\", \"description\": \"CWE-798 Hard-coded Credentials\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2024-04-11T09:44:24.119Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-3272\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T20:05:08.352Z\", \"dateReserved\": \"2024-04-03T18:21:29.925Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2024-04-04T01:00:05.740Z\", \"assignerShortName\": \"VulDB\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.