Published on 12 Apr 2024
D-Link has disclosed two vulnerabilities (CVE-2024-3272 & CVE-2024-3273) in their network-attached storage (NAS) devices. These vulnerabilities are reportedly being actively exploited.
The vulnerabilities are:
The vulnerabilities affect the following products:
The affected D-Link products have reached End of Life (EOL). Users and administrators of affected EOL products are advised to retire and replace their devices with products that are still supported by the manufacturer.
More information is available here:
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383
https://arstechnica.com/security/2024/04/hackers-actively-exploit-critical-remote-takeover-vulnerabilities-in-d-link-devices/?utm_source=tldrinfosec
Cyber Security Agency of Singapore
About The Author
More Stories
Anatomy of a Scam
Climate and Environmental Sustainability Within the IETF and IRTF
From Commitments to Practice: Internet Society’s Priorities for WSIS+20 Implementation