April 9, 2024 at 06:06AM
An unpatched vulnerability affecting D-Link NAS devices (CVE-2024-3273) is being exploited in the wild. The vulnerability allows unauthenticated attackers to execute arbitrary commands, potentially leading to information theft or system configuration alteration. D-Link confirmed affected models, with exploitation attempts already observed. CISA is aware of 16 D-Link product vulnerabilities exploited in the wild.
Key takeaways from the meeting notes are as follows:
– A significant vulnerability affecting multiple D-Link network-attached storage (NAS) devices, tracked as CVE-2024-3273, has been discovered. This vulnerability allows unauthenticated attackers to execute arbitrary commands on affected devices.
– D-Link has confirmed the impact on specific models and has advised customers to stop using impacted devices since they are no longer receiving patches due to reaching end of life (EOL).
– Attempts to exploit the vulnerability have been observed, with reports from the cybersecurity industry indicating exploitation attempts from both single and multiple IP addresses.
– The US cybersecurity agency CISA is aware of exploitation of D-Link product vulnerabilities in the wild, and it is noted that NAS devices are commonly targeted in malicious attacks.
– Conflicting reports exist on the number of affected devices, with a screenshot of a FOFA search showing 92,000 results for affected D-Link NAS devices, while other sources indicate a lower number of internet-exposed devices.
In addition, the meeting notes reference related data breach claims involving D-Link, Western Digital, Synology NAS vulnerabilities, and QNAP NAS devices.
Would you like me to take any further actions or provide additional information on any specific aspect?