** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
The product contains hard-coded credentials, such as a password or cryptographic key.
https://cwe.mitre.org/data/definitions/798.html
An adversary may try certain common or default usernames and passwords to gain access into the system and perform unauthorized actions. An adversary may try an intelligent brute force using empty passwords, known vendor default credentials, as well as a dictionary of common usernames and passwords. Many vendor products come preconfigured with default (and thus well-known) usernames and passwords that should be deleted prior to usage in a production environment. It is a common mistake to forget to remove these default login credentials. Another problem is that users would pick very simple (common) passwords (e.g. "secret" or "password") that make it easier for the attacker to gain access to the system compared to using a brute force attack or even a dictionary attack using a full dictionary.
https://capec.mitre.org/data/definitions/70.html
https://capec.mitre.org/data/definitions/191.html

| Product | Vendor | Status |
|---|---|---|
| dnr-202l_firmware | * | Exploited |
| dnr-322l_firmware | * | Exploited |
| dnr-326_firmware | * | Exploited |
| dns-1100-4_firmware | * | Exploited |
| dns-1200-05_firmware | * | Exploited |
| dns-120_firmware | * | Exploited |
| dns-1550-04_firmware | * | Exploited |
| dns-315l_firmware | * | Exploited |
| dns-320_firmware | * | Exploited |
| dns-320l_firmware | * | Exploited |
| dns-320lw_firmware | * | Exploited |
| dns-321_firmware | * | Exploited |
| dns-323_firmware | * | Exploited |
| dns-325_firmware | * | Exploited |
| dns-326_firmware | * | Exploited |
| dns-327l_firmware | * | Exploited |
| dns-340l_firmware | * | Exploited |
| dns-343_firmware | * | Exploited |
| dns-345_firmware | * | Exploited |
| dns-726-4_firmware | * | Exploited |