RCE Vulnerability in 92000 D-Link NAS Devices

Cyberattacks are on the rise, and businesses of all sizes are at risk. A recent study found that 66% of organizations experienced a cyberattack in the past year. This highlights the importance of robust cybersecurity measures, including network security testing for devices like NAS.

Critical Vulnerabilities in D-Link NAS Devices

These vulnerabilities (CVE-2024-3272 & CVE-2024-3273) exposed nearly 92,000 devices to potential takeover by malicious actors.

These vulnerabilities came up from flaws within the NAS and allowed attackers to:

• Steal sensitive data like personal files and financial information
• Take complete control of the device and manipulate configurations
• Disrupt NAS functionality entirely, causing data inaccessibility (Denial-of-Service)

D-Link Models Affected:

• DNS-340L
• DNS-320L
• DNS-327L
• DNS-325L

How to Mitigate the Risk?

Since a patch for D-Link devices is unavailable, here's what you can do:

• Disconnect the NAS from the internet
• Back up your data
• Consider replacing the NAS

Read our most recent Blog.

For cybersecurity consultation, reach out to Kratikal today!

Let’s be Secure for Sure!