CVE-2024-3272

Name of the Vulnerable Software and Affected Versions D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L versions up to 20240403

Description A very critical vulnerability has been found in the D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L devices. This issue affects the processing of the file /cgi-bin/nas sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer, and the vendor has confirmed that the product is end-of-life.

Recommendations As a temporary workaround, consider disabling the /cgi-bin/nas sharing.cgi script until the issue is resolved. Restrict access to the HTTP GET Request Handler to minimize the risk of exploitation. Avoid using the user argument in the affected HTTP GET requests until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability. It is recommended to retire and replace the affected devices as they are no longer supported by the maintainer.