92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273)


A vulnerability (CVE-2024-3273) in four older D-Link NAS models can be exploited to compromise internet-facing devices, a threat researcher has found.

The existence of the flaw was confirmed by D-Link last week, and an exploit that opens an interactive shell on affected devices has popped up on GitHub.

About CVE-2024-3273

“The vulnerability lies within the nas_sharing.cgi uri, which is vulnerable due to two main issues: a backdoor facilitated by hardcoded credentials, and a command injection vulnerability via the system parameter,” says the discoverer, who goes by the online handle “netsecfish”.

The “backdoor” account uses messagebus as the username and does not require a password.

“The system parameter within the request carries a base64 encoded value that, when decoded, appears to be a command,” netsecfish noted.

The flaw is triggered by a specially crafted HTTP request sent to the /cgi-bin/nas_sharing.cgi endpoint: the request authenticates as the password-less messagebus account and supplies the command to run, base64-encoded, in the system parameter.

Attackers who exploit the flaw gain arbitrary command execution on vulnerable devices. In practice that means they can read the data stored on the NAS, change its configuration, install further malware, and so on, simply by choosing the command they send.
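The mechanism described above (requests to /cgi-bin/nas_sharing.cgi, the password-less messagebus account, and a base64-encoded command in the system parameter) is enough to write a simple detector for access logs. The following Python is an added example written for this page; it is not netsecfish's proof of concept and not D-Link code. It assumes Apache/nginx-style combined log lines, and because the article names the backdoor username but not the query parameter that carries it, the detector matches the value messagebus wherever it appears in the query string; the user= key in the constructed sample lines is an assumption, not something the article states.

```python
import base64
import binascii
from urllib.parse import parse_qs, urlsplit

# Endpoint, parameter name and username are taken from the article.
TARGET_PATH = "/cgi-bin/nas_sharing.cgi"
COMMAND_PARAM = "system"
BACKDOOR_USER = "messagebus"


def decode_system_param(value):
    """Base64-decode the 'system' parameter, tolerating stripped '=' padding.
    Returns the decoded command, or None if the value is not valid base64."""
    # parse_qs turns a raw '+' into a space; put it back before decoding.
    value = value.replace(" ", "+")
    padded = value + "=" * (-len(value) % 4)
    try:
        return base64.b64decode(padded, validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None


def inspect_request(request_line):
    """Inspect one HTTP request line ('METHOD target HTTP/x.y').
    Returns a finding dict for requests to nas_sharing.cgi, else None."""
    parts = request_line.split()
    if len(parts) < 2:
        return None
    method, target = parts[0], parts[1]
    url = urlsplit(target)
    if url.path != TARGET_PATH:
        return None
    params = parse_qs(url.query, keep_blank_values=True)

    # The article gives the username but not the parameter name that carries
    # it, so match on the value rather than on a specific key (assumption).
    backdoor_user = any(BACKDOOR_USER in v for values in params.values() for v in values)
    command = None
    if COMMAND_PARAM in params:
        command = decode_system_param(params[COMMAND_PARAM][0])

    if backdoor_user and command is not None:
        severity = "critical"      # backdoor login plus a decodable command
    elif command is not None:
        severity = "high"          # command injection attempt via 'system'
    elif backdoor_user or COMMAND_PARAM in params:
        severity = "medium"        # backdoor account or undecodable 'system'
    else:
        severity = "info"          # ordinary hit on the vulnerable CGI
    return {"method": method, "backdoor_user": backdoor_user,
            "command": command, "severity": severity}


def scan_log(lines):
    """Run inspect_request over combined-format log lines and return the
    findings for every request that touches the vulnerable CGI."""
    findings = []
    for line in lines:
        # In the combined format the request line is the first quoted field.
        fields = line.split('"')
        if len(fields) < 2:
            continue
        finding = inspect_request(fields[1])
        if finding is not None:
            finding["source"] = line.split()[0]
            findings.append(finding)
    return findings


# Constructed sample log lines for this example (not captured traffic).
SAMPLE_LOG = [
    # exploit-style request: backdoor user plus base64("uname -a")
    '203.0.113.5 - - [10/Apr/2024:10:01:02 +0000] "GET /cgi-bin/nas_sharing.cgi'
    '?user=messagebus&passwd=&system=dW5hbWUgLWE= HTTP/1.1" 200 512 "-" "curl/8.0"',
    # same CGI, ordinary account name, no command parameter
    '192.0.2.7 - - [10/Apr/2024:10:02:11 +0000] "GET /cgi-bin/nas_sharing.cgi'
    '?user=alice HTTP/1.1" 200 128 "-" "Mozilla/5.0"',
    # unrelated path, must be ignored
    '192.0.2.7 - - [10/Apr/2024:10:02:12 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    # 'system' present but not valid base64 (probe or broken tooling)
    '198.51.100.9 - - [10/Apr/2024:10:03:40 +0000] "GET /cgi-bin/nas_sharing.cgi'
    '?system=@@@@ HTTP/1.1" 400 0 "-" "python-requests/2.31"',
]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

Feed it the web server log of any DNS-320L/325/327L/340L still on your network; a "critical" finding means someone already ran a command through the backdoor and the box should be treated as compromised, not merely patched (there is no patch).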

CVE-2024-3273 affects D-Link NAS models DNS-320L, DNS-325, DNS-327L, and DNS-340L, all of which reached end-of-life (EOL) several years ago.

Unfortunately, many are still in use: netsecfish found over 92,000 of them exposed on the internet.

No patches available

There will be no patches for this flaw.

“This exploit affects legacy D-Link products and all hardware revisions, which have reached their End of Life (“EOL”)/End of Service Life (“EOS”) Life-Cycle. Products that have reached their EOL/EOS no longer receive device software updates and security patches and are no longer supported by D-Link,” the company said in its security advisory.

“D-Link US recommends that D-Link devices that have reached EOL/EOS be retired and replaced. If US consumers continue to use these devices against D-Link’s recommendation, please make sure the device has the last known firmware, which can be located on the Legacy Website. Please make sure you frequently update the device’s unique password to access its web-configuration, and always have WIFI encryption enabled with a unique password.”

Users are also advised not to expose the NAS management interface to the internet: with no patch coming, keeping /cgi-bin/nas_sharing.cgi unreachable from outside the local network is the only real mitigation short of replacing the device.
