"Over 90,000 D-Link NAS Devices Are Under Attack"

Network attached storage (NAS) vendor D-Link has recently urged users of end-of-life (EOL) products to retire and replace them, after news emerged of mass exploitation of legacy kit via a newly discovered vulnerability. A security researcher who calls himself "netsecfish" published details of the vulnerability, which affects various D-Link NAS devices, on March 26. The researcher noted that the vulnerability lies within the nas_sharing.cgi URI, which is vulnerable due to two main issues: a backdoor facilitated by hardcoded credentials, and a command injection vulnerability via the system parameter. The researcher said that exploitation could lead to arbitrary command execution on the affected D-Link NAS devices, potentially granting attackers access to sensitive information, the ability to alter system configuration, or the ability to cause denial of service by specifying a command; over 92,000 devices on the internet are affected. The vulnerability is now tracked as CVE-2024-3273, is considered high severity, and has been assigned a CVSS score of 7.3.
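A defender who still has one of these devices behind a reverse proxy or web gateway can look for exploitation attempts in the access log. The following is an added example, not code from the article, D-Link or the researcher: it parses Common Log Format lines and flags any request to nas_sharing.cgi, escalating to a command-injection verdict when the request carries the system parameter the article names. The log lines are constructed, the /cgi-bin/ directory and the user parameter are assumptions, and the parameter values are placeholders.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (Common Log Format) for illustration.
# The /cgi-bin/ path prefix, the "user" parameter and all values are assumptions,
# not captured traffic from a real device.
SAMPLE_LOG = """\
203.0.113.10 - - [07/Apr/2024:10:14:02 +0000] "GET /cgi-bin/nas_sharing.cgi?user=EXAMPLE_USER&system=PLACEHOLDER_VALUE HTTP/1.1" 200 512
198.51.100.7 - - [07/Apr/2024:10:14:09 +0000] "GET /cgi-bin/nas_sharing.cgi?user=EXAMPLE_USER HTTP/1.1" 200 128
192.0.2.44 - - [07/Apr/2024:10:15:33 +0000] "GET /index.html HTTP/1.1" 200 2048
203.0.113.10 - - [07/Apr/2024:10:16:01 +0000] "POST /cgi-bin/nas_sharing.cgi HTTP/1.1" 200 64
"""

# Common Log Format: client, ident, user, [timestamp], "METHOD target PROTO", status, size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+$'
)


def parse_line(line):
    """Return the fields of one CLF line as a dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify(entry):
    """Classify a parsed request.

    Returns None for requests that never touch nas_sharing.cgi,
    'command-injection-attempt' when the request carries the system
    parameter described in the advisory, and 'nas_sharing_access' for
    any other request to that endpoint (worth reviewing, since the
    endpoint itself is reported to contain a hardcoded-credential backdoor).
    """
    parts = urlsplit(entry["target"])
    if not parts.path.endswith("nas_sharing.cgi"):
        return None
    # keep_blank_values so "system=" with an empty value is still seen
    params = parse_qs(parts.query, keep_blank_values=True)
    if "system" in params:
        return "command-injection-attempt"
    return "nas_sharing_access"


def scan(log_text):
    """Scan a block of log text and return (ip, timestamp, method, verdict) findings."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        verdict = classify(entry)
        if verdict is not None:
            findings.append((entry["ip"], entry["ts"], entry["method"], verdict))
    return findings


if __name__ == "__main__":
    for ip, ts, method, verdict in scan(SAMPLE_LOG):
        print(f"{ts} {ip} {method} -> {verdict}")
```

Any hit at all on nas_sharing.cgi from an untrusted network is worth attention on an EOL device, because the hardcoded-credential issue means authentication on that endpoint cannot be relied on; the system-parameter verdict just separates the clearest exploitation attempts from the rest.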


Infosecurity Magazine reports: "Over 90,000 D-Link NAS Devices Are Under Attack"

Submitted by Adam Ekwall on