Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2024-3272

Disclosure Date: April 04, 2024 •

CVE-2024-3272 CVSS v3 Base Score: 9.8

Exploited in the Wild

Reported by inokii and 1 more...
View Source Details

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

9.8 Critical

Impact Score:

5.9

Exploitability Score:

3.9

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

dlink

Products

dnr-202l firmware -,
dnr-322l firmware -,
dnr-326 firmware -,
dns-1100-4 firmware -,
dns-120 firmware -,
dns-1200-05 firmware -,
dns-1550-04 firmware -,
dns-315l firmware -,
dns-320 firmware -,
dns-320l firmware -,
dns-320lw firmware -,
dns-321 firmware -,
dns-323 firmware -,
dns-325 firmware -,
dns-326 firmware -,
dns-327l firmware -,
dns-340l firmware -,
dns-343 firmware -,
dns-345 firmware -,
dns-726-4 firmware -

Exploited in the Wild

Reported by:

inokii indicated sources as

Government or Industry Alert (https://www.cisa.gov/known-exploited-vulnerabilities-catalog)
Other: CISA Gov Alert (https://www.cisa.gov/news-events/alerts/2024/04/11/cisa-adds-two-known-exploited-vulnerabilities-catalog)

Reported: April 11, 2024 8:29pm UTC (7 months ago)

AttackerKB Worker indicated source as Government or Industry Alert (https://www.cisa.gov/news-events/alerts/2024/04/11/cisa-adds-two-known-exploited-vulnerabilities-catalog)

Reported: November 08, 2024 8:26am UTC (2 weeks ago)

References

Canonical

CVE-2024-3272 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3272)

Miscellaneous

https://vuldb.com/?id.259283

https://vuldb.com/?ctiid.259283

https://github.com/netsecfish/dlink

https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383

Rapid7

Unknown

CVE-2024-3272

Unknown

Unknown

None

None

Network

CVE-2024-3272

Description