Description |
CVE-2024-3272 relies on the use of a user account present by default on all the impacted D-Link NAS models. These NAS Devices use Hard-Coded Credentials. The vulnerability CVE-2024-3273 allows a remote command injection on impacted D-link NAS devices. By combining CVE-2024-3273 vulnerability with CVE-2024-3272, it is possible to send commands remotely without any authentication, making this attack very dangerous because attackers could steal sensitive data on these NAS devices and further use it for Ransomware attacks. D-Link DIR-600 routers contain a Cross-Site Request Forgery (CSRF) vulnerability (CVE-2014-100005) that allows an attacker to change router configurations by hijacking an existing administrator session. CVE-2021-40655 is a D-Link DIR-605 router Information Disclosure vulnerability that allows attackers to obtain a username and password by forging a post request. D-Link Go-RT devices are vulnerable to Buffer Overflow vulnerability (CVE-2022-37055). |
||||||||||||
CVE ID |
CVE-2024-3272 (https://nvd.nist.gov/vuln/detail/CVE-2024-3272) |
||||||||||||
NDR Cloud Detection Rule |
FortiNDR Cloud v2024.6+
|
||||||||||||
Playbook |
N/A |
||||||||||||
Threat hunting |
N/A |
||||||||||||
Suricata Coverage |
N/A |
||||||||||||
Other Fortinet Products |
For more details regarding mitigating the vulnerability by utilizing Fortinet products, please refer to |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.