CVE-2024-3273

🗓️ 04 Apr 2024 01:00:06Reported by VulDBType

cve🔗 web.nvd.nist.gov📰️ 7 Media mentions👁 303 Views🌐 WEB

Vulnerability in D-Link NAS devices allows remote command injectio

Reporter	Title	Published	Views	Family All 23
GithubExploit	Exploit for Command Injection in Dlink Dns-320L_Firmware	10 Apr 202400:27	–	githubexploit
GithubExploit	Exploit for Command Injection in Dlink Dns-320L_Firmware	7 Apr 202415:36	–	githubexploit
GithubExploit	Exploit for Command Injection in Dlink Dns-320L_Firmware	9 Apr 202412:26	–	githubexploit
GithubExploit	Exploit for Command Injection in Dlink Dns-320L_Firmware	21 Sep 202411:17	–	githubexploit
GithubExploit	Exploit for Command Injection in Dlink Dns-320L_Firmware	7 Apr 202403:09	–	githubexploit
ATTACKERKB	CVE-2024-3273	4 Apr 202400:00	–	attackerkb
BDU FSTEC	The vulnerability of the CGI script nas_sharing.cgi of the D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L NAS devices allows a hacker to execute arbitrary code.	8 Apr 202400:00	–	bdu_fstec
Circl	CVE-2024-3273	7 Apr 202409:31	–	circl
CISA KEV Catalog	D-Link Multiple NAS Devices Command Injection Vulnerability	11 Apr 202400:00	–	cisa_kev
CISA	CISA Adds Two Known Exploited Vulnerabilities to Catalog	11 Apr 202412:00	–	cisa

NVD

Vulners

Vulnrichment

Node

dlink dns-320l_firmwareMatch1.01.0702.2013

dlink dns-320l_firmwareMatch1.03.0904.2013

dlink dns-320l_firmwareMatch1.11

AND

dlink dns-320lMatch-

Node

dlink dns-120_firmwareMatch-

AND

dlink dns-120Match-

Node

dlink dnr-202l_firmwareMatch-

AND

dlink dnr-202lMatch-

Node

dlink dns-315l_firmwareMatch-

AND

dlink dns-315lMatch-

Node

dlink dns-320_firmwareMatch-

AND

dlink dns-320Match-

Node

dlink dns-320lw_firmwareMatch-

AND

dlink dns-320lwMatch-

Node

dlink dns-321_firmwareMatch-

AND

dlink dns-321Match-

Node

dlink dnr-322l_firmwareMatch-

AND

dlink dnr-322lMatch-

Node

dlink dns-323_firmwareMatch-

AND

dlink dns-323Match-

Node

dlink dns-325_firmwareMatch1.01

AND

dlink dns-325Match-

Node

dlink dns-326_firmwareMatch-

AND

dlink dns-326Match-

Node

dlink dns-327l_firmwareMatch1.00.0409.2013

dlink dns-327l_firmwareMatch1.09

AND

dlink dns-327lMatch-

Node

dlink dnr-326_firmwareMatch-

AND

dlink dnr-326Match-

Node

dlink dns-340l_firmwareMatch1.08

AND

dlink dns-340lMatch-

Node

dlink dns-343_firmwareMatch-

AND

dlink dns-343Match-

Node

dlink dns-345_firmwareMatch-

AND

dlink dns-345Match-

Node

dlink dns-726-4_firmwareMatch-

AND

dlink dns-726-4Match-

Node

dlink dns-1100-4_firmwareMatch-

AND

dlink dns-1100-4Match-

Node

dlink dns-1200-05_firmwareMatch-

AND

dlink dns-1200-05Match-

Node

dlink dns-1550-04_firmwareMatch-

AND

dlink dns-1550-04Match-

[
  {
    "vendor": "D-Link",
    "product": "DNS-320L",
    "versions": [
      {
        "version": "20240403",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP GET Request Handler"
    ]
  },
  {
    "vendor": "D-Link",
    "product": "DNS-325",
    "versions": [
      {
        "version": "20240403",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP GET Request Handler"
    ]
  },
  {
    "vendor": "D-Link",
    "product": "DNS-327L",
    "versions": [
      {
        "version": "20240403",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP GET Request Handler"
    ]
  },
  {
    "vendor": "D-Link",
    "product": "DNS-340L",
    "versions": [
      {
        "version": "20240403",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP GET Request Handler"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/netsecfish/dlink
supportannouncement	www.supportannouncement.us.dlink.com/security/publication.aspx
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog
greynoise	www.greynoise.io/blog/cve-2024-3273-d-link-nas-rce-exploited-in-the-wild