Over 92,000 exposed D-Link NAS devices have a backdoor account
2024-04-06 14:16

A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage device models.

The two main issues contributing to the flaw, tracked as CVE-2024-3273, are a backdoor facilitated through a hardcoded account and a command injection problem via the "System" parameter.

The researcher, Netsecfish, says network scans show over 92,000 vulnerable D-Link NAS devices exposed online and susceptible to attacks through these flaws.

After contacting D-Link about the flaw and whether a patch would be released, the vendor told us that these NAS devices had reached the end of life and are no longer supported.

NAS devices should never be exposed to the internet, as they are commonly targeted to steal data or to encrypt it in ransomware attacks.


News URL

https://www.bleepingcomputer.com/news/security/over-92-000-exposed-d-link-nas-devices-have-a-backdoor-account/

Related Vulnerability

DATE        CVE            VULNERABILITY TITLE                                RISK
2024-04-04  CVE-2024-3273  Command Injection vulnerability in Dlink products  critical (score 9.8)
            Description: ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403.
            Attack vector: network; attack complexity: low; vendor: dlink; weakness: CWE-77

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
D Link 114 1 35 30 39 105