92K D-Link NAS Devices Open to Critical Command-Injection Bug

April 9, 2024 at 12:40PM

A critical flaw in several end-of-life models of D-Link NAS devices, tracked as CVE-2024-3273, allows attackers to backdoor the devices, potentially accessing sensitive information and enabling other nefarious activities. D-Link advises retiring and replacing affected devices as they will no longer receive updates or support. Use unique passwords and enable Wi-Fi encryption if continuing to use the device.

Key takeaways from the article:

1. A critical flaw has been identified in several end-of-life (EOL) models of D-Link network-attached storage (NAS) devices, allowing attackers to backdoor the device and gain access to sensitive information.
2. More than 92,000 devices connected to the Internet are affected by the flaw tracked as CVE-2024-3273 in D-Link NAS devices, including models DNS-340L, DNS-320L, DNS-327L, and DNS-325, and D-Link has advised customers to sunset these affected devices due to lack of updates and support.
3. The flaw was identified by a researcher known as “netsecfish” and detailed on GitHub, and an exploit has been released for the flaw, which has attracted interest from attackers.
4. The vulnerability lies in the nas_sharing.cgi CGI script, which exposes a backdoor and a command injection through the `system` parameter; the potential impact includes data theft, denial of service, and unauthorized access.
5. Due to the lack of a forthcoming patch for CVE-2024-3273, the only remedy is to retire and replace affected devices, as D-Link has no plans to support or update the affected products.
6. For users who choose to keep using an affected device against the company’s recommendation, D-Link advises updating the device’s unique password frequently and enabling Wi-Fi encryption with a unique password.

These takeaways summarize the critical information from the article regarding the identified flaw in D-Link NAS devices and the actions to be taken in response.
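As an added defender-side example (not code from the article, from D-Link, or from the researcher), the following scan flags web-server access-log requests to nas_sharing.cgi that carry the `system` parameter the article names as the injection point for CVE-2024-3273. The combined access-log format, the `/cgi-bin/` path prefix, and the sample log lines are constructed assumptions.

```python
"""Flag requests to nas_sharing.cgi that carry a `system` parameter."""
import re
from urllib.parse import parse_qs, urlsplit

# Apache/nginx "combined"-style access log line (assumed format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+)[^"]*" (?P<status>\d{3})'
)

VULN_SCRIPT = "nas_sharing.cgi"   # endpoint named in the advisory
INJECT_PARAM = "system"           # injection parameter named in the advisory


def parse_line(line):
    """Return a dict with ip, ts, status, path and query params, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["url"])
    rec["path"] = parts.path.lower()
    rec["params"] = parse_qs(parts.query, keep_blank_values=True)
    return rec


def is_suspicious(rec):
    """True when the request targets nas_sharing.cgi with a `system` param.

    Status code is deliberately ignored: a 200 and a 500 both mean the
    endpoint was reached, and either is worth investigating on an EOL NAS.
    """
    return rec["path"].endswith("/" + VULN_SCRIPT) and INJECT_PARAM in rec["params"]


def find_hits(lines):
    """Return (ip, timestamp, status) for every suspicious request."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is not None and is_suspicious(rec):
            hits.append((rec["ip"], rec["ts"], rec["status"]))
    return hits


SAMPLE_LOG = [  # constructed lines using RFC 5737 documentation addresses
    '192.0.2.10 - - [09/Apr/2024:12:39:58 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.0.2.11 - - [09/Apr/2024:12:40:00 +0000] "GET /cgi-bin/nas_sharing.cgi?page=1 HTTP/1.1" 200 88 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [09/Apr/2024:12:40:01 +0000] "GET /cgi-bin/nas_sharing.cgi?system=PLACEHOLDER HTTP/1.1" 200 0 "-" "curl/8.4"',
    'not a log line',
]

if __name__ == "__main__":
    for ip, ts, status in find_hits(SAMPLE_LOG):
        print(f"ALERT {ip} {ts} status={status} hit {VULN_SCRIPT} with {INJECT_PARAM}=")
```

Run it against an exported access log from a NAS or reverse proxy; a single hit on an end-of-life unit is a reason to take the device off the network, which is also the article's remedy.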