Endpoint Security

Aged D-Link NAS Devices Are Being Exploited by Hackers

D-Link Tells Owners to Buy a Newer Model
Aged D-Link NAS Devices Are Being Exploited by Hackers
D-Link says you shouldn't count on a patch to fix exploited flaws in network storage devices manufactured more than a decade ago. (Image: Shutterstock)

Network-attached storage manufacturer D-Link says owners of devices vulnerable to remote takeover exploits should suck it up and buy a replacement.

See Also: Simplified Disaster Recovery with Pure Protect //DRaaS

Internet scans have tallied the number of affected NAS devices - a handful of servers released on average a decade ago - at more than 92,000.

Security researchers late last month disclosed two vulnerabilities affecting DNS-340L, DNS-320L, DNS-327L, and DNS-325 devices.

The vulnerability lies within the nas_sharing.cgi URL, which hackers could exploit two ways: by using hard-coded credentials to insert a backdoor or by command injection.

Tracked as CVE-2024-3272 and CVE-2024-3273, the flaws allow hackers access to sensitive data, allow them to change system configurations, or cause denial of service.

The Taiwanese manufacturer D-Link's response last Thursday was to tell owners that there won't be a patch and that the devices should "be retired and replaced." The devices reached their official end of service life four or more years ago - one of them in 2017.

The Shadowserver Foundation on Monday said that it's seeing scans and exploits originating from multiple internet addresses for CVE-2024-3273.

"Exploit and PoC details are public. As there is no patch for this vulnerability, these devices should be taken offline/replaced or at least have their remote access firewalled," the foundation said.

According to GreyNoise, threat actors are using the flaws to unleash a modified version of Mirai botnet malware skid.x86.


About the Author

Prajeet Nair

Prajeet Nair

Assistant Editor, Global News Desk, ISMG

Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.