CVE-2024-3273: D-Link NAS Backdoor Account + Command Injection

Score: 9.8
CRITICAL
Published: 2024-04-04Affected: D-Link DNS-320L, DNS-325, DNS-327L, DNS-340LCWE-78 β†—

Do D-Link NAS devices contain backdoors?

Multiple end-of-life D-Link NAS devices contain a hardcoded backdoor account and a command injection vulnerability in the nas_sharing.cgi endpoint. Unauthenticated attackers can execute arbitrary commands on the device.

Impact & Exploitation

Over 92,000 devices exposed on the internet. Devices are end-of-life with no patch available. Used for botnet recruitment, crypto mining, and as pivot points for internal network attacks.

Related Resources

πŸ” Related CWE Entries

πŸ“‹ OWASP Top 10

πŸ“– Security Guides

πŸ›‘οΈ Notable Vulnerabilities

πŸ”— External References

Precogs Logo

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Base Score

CVSS9.8
SeverityCRITICAL
CWECWE-78
Published2024-04-04

Tags

iotnasbackdoorfirmware

Quick Links

Is your system affected?

Precogs AI detects D-Link NAS Backdoor Account + Command Injection in compiled binaries and firmware β€” even without source code.

Request Deep Analysis

Is Your System Still Exposed to Critical CVEs?

Vulnerabilities like CVE-2024-3273 D-Link NAS Backdoor Account + Command Injection don’t just exist in source code β€” they persist in compiled binaries, containers, and embedded systems. Precogs AI detects vulnerable components across your entire stack β€” even when source code isn’t available.

Request Deep AnalysisBook a demo