{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T23:57:20.563","vulnerabilities":[{"cve":{"id":"CVE-2024-3272","sourceIdentifier":"cna@vuldb.com","published":"2024-04-04T01:15:50.123","lastModified":"2025-10-30T19:52:57.750","vulnStatus":"Analyzed","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."},{"lang":"es","value":"** NO COMPATIBLE CUANDO SE ASIGNÓ ** Se encontró una vulnerabilidad, que fue clasificada como muy crítica, en D-Link DNS-320L, DNS-325, DNS-327L y DNS-340L hasta 20240403. Este problema afecta a algunos procesamientos desconocidos de el archivo /cgi-bin/nas_sharing.cgi del componente HTTP GET Request Handler. La manipulación del argumento usuario con el bus de mensajes de entrada conduce a credenciales codificadas. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-259283. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contactó primeramente con el proveedor y se confirmó de inmediato que el producto ha llegado al final de su vida útil. Debería retirarse y reemplazarse."}],"metrics":{"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2024-04-11","cisaActionDue":"2024-05-02","cisaRequiredAction":"This vulnerability affects legacy D-Link products. All associated hardware revisions have reached their end-of-life (EOL) or end-of-service (EOS) life cycle and should be retired and replaced per vendor instructions.","cisaVulnerabilityName":"D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability","weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-320l_firmware:1.01.0702.2013:*:*:*:*:*:*:*","matchCriteriaId":"9F733CFC-CB96-46B0-AE7E-21822560C774"},{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-320l_firmware:1.03.0904.2013:*:*:*:*:*:*:*","matchCriteriaId":"93290C71-4CDF-4645-AB29-49E832AE6BF4"},{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-320l_firmware:1.11:*:*:*:*:*:*:*","matchCriteriaId":"91A5ABBE-0AC8-47CB-B420-3C68020B9132"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-320l:-:*:*:*:*:*:*:*","matchCriteriaId":"6C677E53-6885-4EC4-A7CC-E24E8F445F59"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-120_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C44BE2C6-BF3E-43C3-B32F-2DCE756F94BC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-120:-:*:*:*:*:*:*:*","matchCriteriaId":"6E161E54-2FE9-4359-9B2D-8700D00DE8E7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dnr-202l_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"96195649-172A-4C21-AA15-7B05F86C5CEC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dnr-202l:-:*:*:*:*:*:*:*","matchCriteriaId":"07A92F2C-16FD-4A53-8066-83FEC2818DF5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-315l_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A8CFCD7B-EFFB-4FAB-9537-46AC7B567126"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-315l:-:*:*:*:*:*:*:*","matchCriteriaId":"03C5CED7-55A7-4026-95CD-A2ADB5853823"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-320_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4452F9A4-3A0A-4773-9818-04C94CF9F8E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-320:-:*:*:*:*:*:*:*","matchCriteriaId":"A0F5355E-F68D-49FE-9793-1FD9BD9AF3E1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-320lw_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8FE78C5B-2A98-47EE-BF67-CF58AFE50A37"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:*","matchCriteriaId":"45467ABC-BAA9-4EB0-9F97-92E31854CA8B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-321:-:*:*:*:*:*:*:*","matchCriteriaId":"2A278BC9-6197-43D9-93C2-3DF760856FB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-321_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DC28053F-88A9-4CA1-A2A2-CC90FEEA68FC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dnr-322l:-:*:*:*:*:*:*:*","matchCriteriaId":"5DAF62A4-2429-4B89-8FAD-8B23EF15E050"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dnr-322l_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AD3AD5EE-8E1E-4336-A1AB-AB028CC71286"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-323_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"641CB5F1-3DE0-480B-95A4-FC42A8FF3C97"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-323:-:*:*:*:*:*:*:*","matchCriteriaId":"94ED678A-AB4C-4637-B0D8-C232A0BB5D5F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-325_firmware:1.01:*:*:*:*:*:*:*","matchCriteriaId":"F42F8AA8-30F9-46D9-92D9-CF8876E04FFA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-325:-:*:*:*:*:*:*:*","matchCriteriaId":"8042169D-D9FA-4BD6-90D1-E0DE269E42B9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-326_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B5E6F048-D865-4378-87C7-B0E528134276"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-326:-:*:*:*:*:*:*:*","matchCriteriaId":"D26F4F77-A6E3-4D7D-A781-BEB5FF7BC44F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-327l_firmware:1.00.0409.2013:*:*:*:*:*:*:*","matchCriteriaId":"288DA5DF-BC45-4B81-82C6-9E78417F415B"},{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-327l_firmware:1.09:*:*:*:*:*:*:*","matchCriteriaId":"45D36608-4CCB-4B4F-AC7C-AB925817FF83"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-327l:-:*:*:*:*:*:*:*","matchCriteriaId":"DB305B29-7F89-4A52-9ECF-3DB0BDD2350D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dnr-326_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"816E5F34-CE76-49E5-91F3-8CC84C561558"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:*","matchCriteriaId":"33CB308B-CF82-4E40-B2DC-23EBD48CD130"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-340l_firmware:1.08:*:*:*:*:*:*:*","matchCriteriaId":"9A2A09C0-1495-4999-A2B2-CE3474A02CC8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-340l:-:*:*:*:*:*:*:*","matchCriteriaId":"0646B20C-5642-4CEA-A96C-7E82AD94A281"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-343:-:*:*:*:*:*:*:*","matchCriteriaId":"F968791D-D3BD-442C-818E-4E878B12776D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-343_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DD656642-EDD4-4EB2-81AB-04207BC14196"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-345:-:*:*:*:*:*:*:*","matchCriteriaId":"C7E56821-7EA0-4CA1-BA17-7FD4ED9F794C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-345_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"12C5E2D7-018E-4ED1-92C7-B5B1D8CC6990"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-726-4:-:*:*:*:*:*:*:*","matchCriteriaId":"75E5010F-21BA-4B6B-B00C-2688268FD67B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-726-4_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2A74D270-9076-474D-A06F-C915FCEA2164"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-1100-4:-:*:*:*:*:*:*:*","matchCriteriaId":"D5D08ED7-3E7F-4D30-890E-6535F6C34682"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-1100-4_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7CAFE1E3-B705-4CF1-AEB9-A474432B6D34"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-1200-05:-:*:*:*:*:*:*:*","matchCriteriaId":"D042C75D-6731-46B2-B11E-A009B9029B3F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-1200-05_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"42DA6DEB-3578-44A5-916F-1628141F0DDE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dns-1550-04:-:*:*:*:*:*:*:*","matchCriteriaId":"E691E775-382C-4BA9-AA44-FBC3148D3E54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dns-1550-04_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B2C1EF70-AD9B-48D7-8DF6-A6416C517F12"}]}]}],"references":[{"url":"https://github.com/netsecfish/dlink","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383","source":"cna@vuldb.com","tags":["Vendor Advisory"]},{"url":"https://vuldb.com/?ctiid.259283","source":"cna@vuldb.com","tags":["Permissions Required"]},{"url":"https://vuldb.com/?id.259283","source":"cna@vuldb.com","tags":["Third Party Advisory"]},{"url":"https://github.com/netsecfish/dlink","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://vuldb.com/?ctiid.259283","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://vuldb.com/?id.259283","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-3272","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}