{"vulnerability": "CVE-2024-3273", "sightings": [{"uuid": "4f9bf0b1-b58a-4807-98c8-68a4dccade45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-04-11T21:10:03.000000Z"}, {"uuid": "62ad826c-d00c-4d21-8dde-56242a81da97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32732", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113625723142849983", "content": "", "creation_timestamp": "2024-12-10T00:35:41.995910Z"}, {"uuid": "bcacde3f-a608-4f4c-84dc-1afbfe5d627b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-05)", "content": "", "creation_timestamp": "2025-02-05T00:00:00.000000Z"}, {"uuid": "fd4c118a-29fd-42ee-9f3c-3fcbf6d80edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32736", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-02)", "content": "", "creation_timestamp": "2025-03-02T00:00:00.000000Z"}, {"uuid": "291335b8-9a36-4f49-9b86-f9f2cbf27c4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-14)", "content": "", "creation_timestamp": "2025-02-14T00:00:00.000000Z"}, {"uuid": "a0710c05-1782-4b9d-987e-dc6c027e7c27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:53.000000Z"}, {"uuid": "9a54e4a0-d894-4e28-9607-b9417821a780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-10)", "content": "", "creation_timestamp": "2025-06-10T00:00:00.000000Z"}, {"uuid": "24429660-67c2-4aec-b0ed-3836de974130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}, {"uuid": "6bb69a63-356c-4eed-a37b-c385b9ebd585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32736", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-28)", "content": "", "creation_timestamp": "2025-04-28T00:00:00.000000Z"}, {"uuid": "99712d22-8b53-4737-89f6-3f44fb81a94e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-20)", "content": "", "creation_timestamp": "2025-04-20T00:00:00.000000Z"}, {"uuid": "5ce01b2c-efd6-4529-8cab-572c54e79d36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "953ce8f4-2473-4bab-90fe-dafa64151536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lv7bhop5j62r", "content": "", "creation_timestamp": "2025-07-30T18:40:20.083968Z"}, {"uuid": "741c37f5-435f-45aa-b267-2b62ae4a15f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-31)", "content": "", "creation_timestamp": "2025-07-31T00:00:00.000000Z"}, {"uuid": "b920e0df-bba2-474a-9d90-79f213cf0a45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-22)", "content": "", "creation_timestamp": "2025-09-22T00:00:00.000000Z"}, {"uuid": "07a3f95d-efad-484e-856e-053ce82ced17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:12.000000Z"}, {"uuid": "6b13377e-1aa1-4ca3-a510-49df24e1e3a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-14)", "content": "", "creation_timestamp": "2025-10-14T00:00:00.000000Z"}, {"uuid": "3d15f45a-6e1d-4dd1-ac94-2bb1a1602a73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-05)", "content": "", "creation_timestamp": "2026-02-05T00:00:00.000000Z"}, {"uuid": "e9c0f3df-4f6e-4089-ac0e-a14954812ba0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-21)", "content": "", "creation_timestamp": "2026-02-21T00:00:00.000000Z"}, {"uuid": "1f7c58e9-faf8-407f-aee1-74989aa23da4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-21)", "content": "", "creation_timestamp": "2026-02-21T00:00:00.000000Z"}, {"uuid": "49ffe1a8-456e-4974-853d-53f454f013a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-10)", "content": "", "creation_timestamp": "2026-03-10T00:00:00.000000Z"}, {"uuid": "14f85b41-ca34-485c-9fc3-eed4d5aea04b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-17)", "content": "", "creation_timestamp": "2026-03-17T00:00:00.000000Z"}, {"uuid": "2c055754-2f3b-4ad4-997e-69e52fed89a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-16)", "content": "", "creation_timestamp": "2026-03-16T00:00:00.000000Z"}, {"uuid": "cae7dae0-3414-456c-9325-702ff3fe7804", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-27)", "content": "", "creation_timestamp": "2026-03-27T00:00:00.000000Z"}, {"uuid": "e241964c-900e-40ed-8c10-5bf8a92b6e06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-20)", "content": "", "creation_timestamp": "2026-03-20T00:00:00.000000Z"}, {"uuid": "cfa3b8be-5f37-4769-ab25-01299315a3da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-24)", "content": "", "creation_timestamp": "2026-03-24T00:00:00.000000Z"}, {"uuid": "761ea5c4-0bb1-4abe-9ce8-a6bb1158e548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-21)", "content": "", "creation_timestamp": "2026-03-21T00:00:00.000000Z"}, {"uuid": "b1e9d31b-6d01-42a7-99bd-27253c12d7ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-15)", "content": "", "creation_timestamp": "2026-03-15T00:00:00.000000Z"}, {"uuid": "cf4b0a7a-6996-4703-baa8-ebc89f1dba45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32735", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-26)", "content": "", "creation_timestamp": "2026-01-26T00:00:00.000000Z"}, {"uuid": "ce92d501-f007-45fe-b35d-447bd0192e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/674", "content": "#exploit\n1. WhatsApp extension manipulation (PoC)\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n2. CVE-2024-3273:\nCommand Injection and Backdoor Account in D-Link NAS Devices\nhttps://github.com/adhikara13/CVE-2024-3273\n]-> tool: https://github.com/Chocapikk/CVE-2024-3273", "creation_timestamp": "2024-08-01T13:53:56.000000Z"}, {"uuid": "45598d14-5c61-4b28-802d-3a599d454ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/21274352-7a91-4c55-9062-2757e2430e1e", "content": "", "creation_timestamp": "2026-02-02T12:26:38.180271Z"}, {"uuid": "31995033-2f43-4431-8743-f96999003fb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "Telegram/-h5GVRjjjhPE0kGDVl5o_KYUxLD3LPnUNs8nfIS6CE3oIQA", "content": "", "creation_timestamp": "2024-04-09T08:52:14.000000Z"}, {"uuid": "ae9b51a2-7287-42a6-92d8-821f588c2690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8563", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-3273 - D-Link Remote Code Execution (RCE)\nURL\uff1ahttps://github.com/X-Projetion/CVE-2024-3273-D-Link-Remote-Code-Execution-RCE-\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-21T11:20:17.000000Z"}, {"uuid": "a5b387ac-0a19-4298-a4ca-3eb8255f31a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8564", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-3273 - D-Link Remote Code Execution (RCE)\nURL\uff1ahttps://github.com/X-Projetion/CVE-2024-3273-D-Link-Remote-Code-Execution-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-09-21T11:24:27.000000Z"}, {"uuid": "9a92a45c-9c60-4162-94b3-64f4f1b5a806", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/4288", "content": "\u200b\u26a1\ufe0f92 000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 D-Link \u043d\u0430 \u0433\u0440\u0430\u043d\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438\n\n\ud83d\udcac \u041d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0434 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c \u00abNetsecfish\u00bb \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043c\u043e\u0434\u0435\u043b\u044f\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449 D-Link, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0441\u043a\u0440\u0438\u043f\u0442\u0435 \u00ab/cgi-bin/nas_sharing.cgi\u00bb, \u0432\u043b\u0438\u044f\u044e\u0449\u0435\u043c \u043d\u0430 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430 HTTP GET \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2024-3273, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0430\u043b\u0438\u0447\u0438\u0435\u043c \u0437\u0430\u0448\u0438\u0442\u043e\u0433\u043e \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430 (\u0438\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u00abmessagebus\u00bb \u0431\u0435\u0437 \u043f\u0430\u0440\u043e\u043b\u044f) \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 \u0447\u0435\u0440\u0435\u0437 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u00absystem\u00bb. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041f\u0440\u0438\u043c\u0435\u0440 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u043a\u0430\u043a \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0435 base64 \u043a \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0443 \u00absystem\u00bb \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0435\u0451 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u0411\u0435\u043b\u044b\u0439 \u0445\u0430\u043a\u0435\u0440 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044e \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435\u043c \u0443\u0441\u043b\u043e\u0432\u0438\u0439 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 \u00ab\u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\u00bb.\n\n\u041c\u043e\u0434\u0435\u043b\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043b\u0438\u044f\u0435\u0442 CVE-2024-3273, \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\nDNS-320L \u0432\u0435\u0440\u0441\u0438\u0438 \u041f\u041e 1.11, 1.03.0904.2013, 1.01.0702.2013;\nDNS-325 \u0432\u0435\u0440\u0441\u0438\u0438 \u041f\u041e 1.01;\nDNS-327L \u0432\u0435\u0440\u0441\u0438\u0438 \u041f\u041e1.09, \u0412\u0435\u0440\u0441\u0438\u044f 1.00.0409.2013;\nDNS-340L \u0412\u0435\u0440\u0441\u0438\u0438 1.08.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Netsecfish, \u0432 \u0441\u0435\u0442\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 92 000 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 D-Link, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u0445 \u0440\u0438\u0441\u043a\u0443 \u0430\u0442\u0430\u043a \u0447\u0435\u0440\u0435\u0437 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f D-Link \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043e\u0441\u0442\u0438\u0433\u043b\u0438 \u043a\u043e\u043d\u0446\u0430 \u0441\u0432\u043e\u0435\u0433\u043e \u0436\u0438\u0437\u043d\u0435\u043d\u043d\u043e\u0433\u043e \u0446\u0438\u043a\u043b\u0430 \u0438 \u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f. \u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0430 \u0442\u0435 \u043c\u043e\u0434\u0435\u043b\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0435\u0449\u0451 \u0431\u0443\u0434\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438.\n\n\u041d\u0430 \u0441\u0432\u043e\u0451\u043c \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u0430\u0439\u0442\u0435 D-Link \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043e\u0441\u0432\u0435\u0434\u043e\u043c\u043b\u0451\u043d\u043d\u043e\u0441\u0442\u044c \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0410 \u043d\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043c\u043e\u0433\u0443\u0442 \u043d\u0430\u0439\u0442\u0438 \u0441\u0430\u043c\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0438\u0437 \u0432\u044b\u043f\u0443\u0448\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0434\u043b\u044f \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u0435\u0442, \u0447\u0442\u043e NAS-\u043d\u0430\u043a\u043e\u043f\u0438\u0442\u0435\u043b\u0438 \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u043d\u0435 \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u043d\u0438 \u0447\u0430\u0441\u0442\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0446\u0435\u043b\u044c\u044e \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-04-08T08:36:01.000000Z"}, {"uuid": "a0242b67-9c0d-4b8b-9957-6b4bfe39366b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6970", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit for CVE-2024-3273, supports single and multiple hosts\nURL\uff1ahttps://github.com/adhikara13/CVE-2024-3273\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-04-07T15:40:36.000000Z"}, {"uuid": "f562f3db-71c4-4c81-b764-9a88205ee793", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "Telegram/i724dyswVXMowZfrYp7d_zckzTfB5Kjt1pPkqu_GXPc1QA0", "content": "", "creation_timestamp": "2026-04-25T21:00:05.000000Z"}, {"uuid": "89c93a3d-a493-490c-ba26-d4c509a36fa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6965", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aD-Link NAS CVE-2024-3273 Exploit Tool\nURL\uff1ahttps://github.com/Chocapikk/CVE-2024-3273\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-31T16:48:01.000000Z"}, {"uuid": "f6d29b0e-8da0-49dd-bb25-4e7d7c6bc531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6982", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aUNTESTED exploit script for CVE-2024-3272 + CVE-2024-3273. The script exploits a backdoor authentication bypass + arbitrary command injection vulnerability. \nURL\uff1ahttps://github.com/nickswink/D-Link-NAS-Devices-Unauthenticated-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-04-08T13:56:56.000000Z"}, {"uuid": "356ec828-2502-4a73-a9f7-197ab84467e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6972", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aQuick and dirty honeypot for CVE-2024-3273\nURL\uff1ahttps://github.com/yarienkiva/honeypot-dlink-CVE-2024-3273\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-04-07T21:17:40.000000Z"}, {"uuid": "cf6cc8bb-5214-42b5-9a8a-2999ba0a647e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6991", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aA PoC exploit for CVE-2024-3273 - D-Link Remote Code Execution RCE\nURL\uff1ahttps://github.com/K3ysTr0K3R/CVE-2024-3273-EXPLOIT\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-04-09T12:58:33.000000Z"}, {"uuid": "74b0ad1b-a830-4e8b-9622-6635bcfd72be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32736", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8731", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-32736\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3.\u00a0An unauthenticated remote attacker can leak sensitive information via the \"query_utask_verbose\" function within MCUDBHelper.\n\n\ud83d\udccf Published: 2024-05-09T14:57:38.850Z\n\ud83d\udccf Modified: 2025-03-25T18:10:55.407Z\n\ud83d\udd17 References:\n1. https://www.tenable.com/security/research/tra-2024-14\n2. https://www.cyberpower.com/global/en/File/GetFileSampleByType?fileId=SU-18070002-07&fileSubType=FileReleaseNote", "creation_timestamp": "2025-03-25T18:25:23.000000Z"}, {"uuid": "c44febf4-7936-430e-8588-3a204c3a13cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "https://t.me/habr_com_news/26893", "content": "\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0438\u0437 NetworkSecurityFish \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0435 \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430\u0445 D-Link (DNS-340L, DNS-320L, DNS-327L \u0438 DNS-32), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u043e\u043c\u0435\u0440 CVE-2024-3273 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0437-\u0437\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043f\u0440\u0435\u0434\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e\u0439 \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0434\u043b\u044f \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0441 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435\u043c.\n\n#\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2024-04-09T10:00:29.000000Z"}, {"uuid": "ec9032e7-aab9-455d-abe4-46ff38551313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/526", "content": "#poc #exploit #cve\n\n\ud83d\udc6e\u200d\u2640CVE-2024-3273: \u041f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a D-Link\n\n\u042d\u0442\u043e\u0442 \u0441\u043a\u0440\u0438\u043f\u0442 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043c\u043e\u0449\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-3273, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 NAS-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 D-Link. \u041e\u043d \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\n\n\ud83d\udd77\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\n1. DNS-320L Version 1.11, Version 1.03.0904.2013, Version 1.01.0702.2013\n2. DNS-325 Version 1.01\n3. DNS-327L Version 1.09, Version 1.00.0409.2013\n4. DNS-340L Version 1.08\n\nGitHub \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \ud83d\udda5", "creation_timestamp": "2024-04-08T15:29:40.000000Z"}, {"uuid": "ba7d9363-6f84-465d-8f54-81098658e93a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "Telegram/XMKlU8WglbPOYzxhaNs8UJZntuo_NAyljofjDSEqqryHyg", "content": "", "creation_timestamp": "2024-04-13T15:12:50.000000Z"}, {"uuid": "43960a27-173a-4bf6-a045-a1272be4f6b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "https://t.me/cyberbannews_ir/11499", "content": "\ud83e\ude99\u0633\u0648\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0642\u062f\u06cc\u0645\u06cc \u062f\u06cc \u0644\u06cc\u0646\u06a9\n\n\ud83d\udcc3 \u0622\u0698\u0627\u0646\u0633 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0648 \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a (CISA) \u0631\u0648\u0632 \u067e\u0646\u062c\u0634\u0646\u0628\u0647\u060c \u062f\u0648 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc CVE-2024-3273 \u0648 CVE-2024-3272 \u0631\u0627 \u0628\u0647 \u0644\u06cc\u0633\u062a \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u062e\u0648\u062f \u0627\u0636\u0627\u0641\u0647 \u06a9\u0631\u062f \u0648 \u0628\u0647 \u0622\u0698\u0627\u0646\u0633 \u0647\u0627\u06cc \u0641\u062f\u0631\u0627\u0644 \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f \u06a9\u0647 \u062a\u0627 2 \u0645\u06cc \u0641\u0631\u0635\u062a \u062f\u0627\u0631\u0646\u062f \u062a\u0627 \u0633\u062e\u062a \u0627\u0641\u0632\u0627\u0631 \u062f\u06cc \u0644\u06cc\u0646\u06a9 (D-Link) \u0631\u0627 \u06a9\u0647 \u062f\u0631 \u0628\u0631\u062e\u06cc \u0627\u0632 \u0645\u0648\u0627\u0631\u062f\u060c \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u06cc\u06a9 \u062f\u0647\u0647 \u0627\u0632 \u0639\u0645\u0631\u0634\u0627\u0646 \u06af\u0630\u0634\u062a\u0647 \u0628\u0627\u0634\u062f \u0631\u0627 \u0628\u0627\u0632\u0646\u0634\u0633\u062a\u0647 \u06cc\u0627 \u062c\u0627\u06cc\u06af\u0632\u06cc\u0646 \u06a9\u0646\u0646\u062f.\n\n\ud83d\udd3a\u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0645\u062a\u0635\u0644 \u0628\u0647 \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0630\u062e\u06cc\u0631\u0647 \u0648 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0641\u0627\u06cc\u0644 \u0647\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u0634\u0648\u0646\u062f.\n\n\ud83d\udd18 \u06af\u0632\u0627\u0631\u0634 \u06a9\u0627\u0645\u0644 \n\n#\u0627\u0645\u0646\u06cc\u062a_\u0633\u0627\u06cc\u0628\u0631\u06cc #\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc #\u0627\u0645\u0646\u06cc\u062a #\u062f\u06cc_\u0644\u06cc\u0646\u06a9\n\n\ud83e\udda0 @cyberbannews_ir", "creation_timestamp": "2024-04-14T05:25:20.000000Z"}, {"uuid": "6f5aa492-713a-4080-9d04-ad64e2d47a4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "https://t.me/HackingInsights/7176", "content": "New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273), (Tue, Jul 23rd)\nhttps://ift.tt/r2maC8l", "creation_timestamp": "2024-07-24T06:21:50.000000Z"}, {"uuid": "6191c840-815e-4ed5-8c0d-c94c07e87907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32732", "type": "seen", "source": "https://t.me/cvedetector/12470", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-32732 - SAP BusinessObjects Business Intelligence Confidential Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-32732 \nPublished : Dec. 10, 2024, 1:15 a.m. | 42\u00a0minutes ago \nDescription : Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on Confidentiality with no impact on Integrity and Availability of the application. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T03:15:45.000000Z"}, {"uuid": "5abbb0e3-77ae-4143-9ca9-26f52ad0f9e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "Telegram/wW7U1no5ojC0Y2wcsFjSD5qBtXFRjqmeEaf2A0AZXBBzbQ", "content": "", "creation_timestamp": "2024-04-09T11:25:07.000000Z"}, {"uuid": "6bfccda0-ab22-471d-8311-b191631040d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/89", "content": "#exploit\n1. WhatsApp extension manipulation (PoC)\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n2. CVE-2024-3273:\nCommand Injection and Backdoor Account in D-Link NAS Devices\nhttps://github.com/adhikara13/CVE-2024-3273\n]-> tool: https://github.com/Chocapikk/CVE-2024-3273", "creation_timestamp": "2024-08-01T13:52:36.000000Z"}, {"uuid": "89161c51-3969-4103-8854-5857556777bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "Telegram/vTArh35mEL3sCATfIt_UjLT5WtBv60krK8jDjJ3n9C3e-Q", "content": "", "creation_timestamp": "2024-04-09T08:56:59.000000Z"}, {"uuid": "0c2e8d9e-63c6-4351-bd41-caa7967ac802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/5303", "content": "The Hacker News\nCritical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks\n\nThreat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices.\nTracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy D-Link products that have reached end-of-life (EoL) status. D-Link, in", "creation_timestamp": "2024-04-09T11:25:08.000000Z"}, {"uuid": "795f4dd3-a368-4b57-9006-3be691c6968d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "https://t.me/arpsyndicate/4577", "content": "#ExploitObserverAlert\n\nCVE-2024-3273\n\nDESCRIPTION: Exploit Observer has 46 entries in 8 file formats related to CVE-2024-3273. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\n\nFIRST-EPSS: 0.000630000\nARPS-EXPLOITABILITY: 0.7598383", "creation_timestamp": "2024-04-12T09:30:03.000000Z"}, {"uuid": "adf08a94-c20a-4749-8a41-fddd0f90244f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/blackcybersec/69", "content": "https://github.com/ThatNotEasy/CVE-2024-3273", "creation_timestamp": "2024-04-10T02:37:13.000000Z"}, {"uuid": "38184f7d-7a7f-4c87-995a-e95b865dad7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/998", "content": "The Hacker News\nCritical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks\n\nThreat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices.\nTracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy D-Link products that have reached end-of-life (EoL) status. D-Link, in", "creation_timestamp": "2024-04-09T11:25:08.000000Z"}, {"uuid": "d54cd804-ae92-4c66-9587-c8168bc1e167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "https://t.me/arpsyndicate/4416", "content": "#ExploitObserverAlert\n\nCVE-2024-3273\n\nDESCRIPTION: Exploit Observer has 26 entries in 6 file formats related to CVE-2024-3273. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\n\nFIRST-EPSS: 0.000440000", "creation_timestamp": "2024-04-09T20:32:15.000000Z"}, {"uuid": "e5444542-798e-4da7-9e2c-bc3cef256fcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "https://t.me/arpsyndicate/4383", "content": "#ExploitObserverAlert\n\nCVE-2024-3273\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-3273. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2024-04-07T22:12:18.000000Z"}, {"uuid": "e3e7780b-c86a-4bab-94a3-568f48b9fe4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/lostsec/332", "content": "D-Link NAS CVE-2024-3273 [Latest]\n\nThe vulnerability affects the following versions of D-Link NAS devices:\n\nDNS-320L Version 1.11, Version1.03.0904.2013, Version1.01.0702.2013\nDNS-325 Version 1.01\nDNS-327L Version 1.09, Version1.00.0409.2013\nDNS-340L Version 1.08\n\nHow to find:\ngoto https://en.fofa.info\n\nsearch:\napp=\"D_Link-DNS-ShareCenter\"\n\nclick on the ip you get login pannel access just copy url and paste in the given script.\n\ncve exploit: https://github.com/Chocapikk/CVE-2024-3273\nThanks to curbed #CR for giving me info about cve", "creation_timestamp": "2024-04-07T17:57:14.000000Z"}, {"uuid": "b60d2c78-0b30-4e5b-a78b-bbda789a3b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/220682", "content": "New Exploit Variation Against D-Link NAS Devices (CVE-2024-3273), (Tue, Jul 23rd)\nhttps://ift.tt/r2maC8l", "creation_timestamp": "2024-07-23T19:04:42.000000Z"}, {"uuid": "cb1be9de-41b7-410b-b2f6-fb73a41a5155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "Telegram/us1DrazPNABQ2g-fs4D7DOcHOvcDneFhUVVx2Uxq4CqhTjI", "content": "", "creation_timestamp": "2024-05-21T10:58:21.000000Z"}, {"uuid": "56e9642f-3cd5-49a9-8e5f-c0262fa809de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "https://t.me/true_secator/5615", "content": "\u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435 \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u043e \u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 D-Link NAS, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043c\u043e\u0434\u0435\u043b\u0438 DNS-340L, DNS-320L, DNS-327L \u0438 DNS-325.\n\n\u0415\u0449\u0435 \u0431\u044b, \u0431\u043e\u043b\u0435\u0435 92 000 \u0432 \u0441\u0435\u0442\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438, \u0432\u0435\u0434\u044c D-Link \u043d\u0435 \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u0441\u0441\u044b\u043b\u0430\u044f\u0441\u044c \u043d\u0430 EOL \u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u0430\u0434\u0440\u0435\u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b \u0432\u044b\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u0422\u0435\u043c \u0431\u043e\u043b\u0435\u0435, \u0447\u0442\u043e \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u0430\u044f CVE-2024-3273 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0438 \u0431\u0435\u0441\u043f\u0440\u0435\u043f\u044f\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0442 \u043e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0448\u0442\u0430\u043c\u043c\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e Mirai (skid.x86) \u0438 \u043f\u0440\u0438\u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0431\u043e\u0442\u043d\u0435\u0442 \u0434\u043b\u044f \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u044f \u0432 DDoS-\u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 ShadowServer, \u0442\u0430\u043a\u0436\u0435 \u0441\u0432\u043e\u0438\u043c\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f\u043c\u0438 \u043d\u0430 \u044d\u0442\u043e\u0442 \u0441\u0447\u0435\u0442 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0432 GreyNoise, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044f \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u043e \u043d\u0430\u0447\u0430\u043b\u0435 \u043a\u0440\u0443\u043f\u043d\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u044e\u0449\u0438\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f, \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0436\u0438\u0434\u0430\u0442\u044c, \u0447\u0442\u043e \u0437\u0430 \u043d\u0438\u043c\u0438 \u0432 \u0433\u043e\u0441\u0442\u0438 \u043d\u0430\u0432\u0435\u0434\u0430\u044e\u0442\u0441\u044f \u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438. \u0422\u0430\u043a \u0447\u0442\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-04-09T13:20:05.000000Z"}, {"uuid": "6c626b78-6aeb-48bb-84e7-0daf920f98ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "https://t.me/KomunitiSiber/1750", "content": "Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks\nhttps://thehackernews.com/2024/04/critical-flaws-leave-92000-d-link-nas.html\n\nThreat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices.\nTracked as\u00a0CVE-2024-3272\u00a0(CVSS score: 9.8) and\u00a0CVE-2024-3273\u00a0(CVSS score: 7.3), the vulnerabilities impact\u00a0legacy D-Link products\u00a0that have reached end-of-life (EoL) status. D-Link, in", "creation_timestamp": "2024-04-09T08:44:03.000000Z"}, {"uuid": "57d0eac7-0a2b-4858-b66e-8ca712d10030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1994", "content": "CVE-2024-3273\n*\nD-Link NAS \u0432\u0435\u0440\u0441\u0438\u0438:\n\nDNS-320L Version 1.11, Version 1.03.0904.2013, Version 1.01.0702.2013\nDNS-325 Version 1.01\nDNS-327L Version 1.09, Version 1.00.0409.2013\nDNS-340L Version 1.08\n\nExploit + Tool\n\n#dlink #exploit #NAS", "creation_timestamp": "2024-04-07T09:31:33.000000Z"}, {"uuid": "e2515969-80d1-49df-b10d-85d252b1c1d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "Telegram/ZNfbN5SVhYDckBf3tPWKEgekTZN-rB4g030ClC40tGn3zUk", "content": "", "creation_timestamp": "2024-04-16T10:31:23.000000Z"}, {"uuid": "99c42d68-8732-4b1a-b1a3-ef475d250b8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "https://t.me/true_secator/5609", "content": "\u0411\u043e\u043b\u0435\u0435 92 000 \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0445\u0441\u044f \u0432 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 D-Link NAS \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 CVE-2024-3273.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 DNS-320L, 325, 327L, 340L \u0441 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 1.00.0409.2013, 1.01.0702.2013, 1.03.0904.2013, 1.01, 1.09, 1.08, 1.11 \u0438 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0441\u043a\u0440\u0438\u043f\u0442\u0435 /cgi-bin/nas_sharing.cgi, \u0432\u043b\u0438\u044f\u044f \u043d\u0430 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 HTTP GET.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0439 \u0435\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Netsecfish, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435\u043c \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 (\u0438\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f: messagebus \u0438 \u043f\u0443\u0441\u0442\u044b\u043c \u043f\u0430\u0440\u043e\u043b\u0435\u043c), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0447\u0435\u0440\u0435\u0437 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 system.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0435 Base64 \u043a \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0443 \u00absystem\u00bb \u0447\u0435\u0440\u0435\u0437 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 GET, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0435\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438\u043b\u0438 \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\n\nD-Link, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0431\u044b\u043b\u0430 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0430 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0432 \u0432\u0432\u0438\u0434\u0443 \u043f\u043e\u0434\u043e\u0448\u0435\u0434\u0448\u0435\u0433\u043e EOL \u044d\u0442\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 NAS \u043d\u0435 \u043d\u0430\u043c\u0435\u0440\u0435\u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043c\u0435\u0440 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043b \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0432\u044b\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0445\u043e\u0442\u044f \u0431\u044b \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438\u0445 \u043e\u0442 \u0441\u0435\u0442\u0438.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c NAS \u0443\u0436\u0435 \u043f\u0435\u0440\u0435\u0434\u0430\u044e\u0442 \u0441\u0432\u043e\u0439 \u043f\u0440\u0438\u0432\u0435\u0442 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b ransomware.", "creation_timestamp": "2024-04-08T12:30:11.000000Z"}, {"uuid": "76d754b5-3044-4e5e-bf72-160eeaedfbfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "https://t.me/ctinow/214319", "content": "https://ift.tt/YmhvXnA\n92,000+ internet-facing D-Link NAS devices accessible via \u201cbackdoor\u201d account (CVE-2024-3273)", "creation_timestamp": "2024-04-08T11:21:54.000000Z"}, {"uuid": "26fa5b6c-1b50-4450-a226-874e03eb9fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-04)", "content": "", "creation_timestamp": "2026-05-04T00:00:00.000000Z"}, {"uuid": "34ab4aff-83a4-4a29-8a93-9bd43c7f024f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "https://t.me/information_security_channel/51909", "content": "Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices\nhttps://www.securityweek.com/exploitation-attempts-target-unpatched-flaw-affecting-many-d-link-nas-devices/\n\nUnpatched D-Link NAS device vulnerability CVE-2024-3273, potentially affecting many devices, is being exploited in the wild.\nThe post Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices (https://www.securityweek.com/exploitation-attempts-target-unpatched-flaw-affecting-many-d-link-nas-devices/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-04-09T13:32:20.000000Z"}, {"uuid": "f61fcec4-d5ec-4886-bdf5-21819d6134a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2934", "content": "https://github.com/adhikara13/CVE-2024-3273\n\nExploit for CVE-2024-3273, supports single and multiple hosts\n#github #exploit", "creation_timestamp": "2024-08-01T14:28:56.000000Z"}, {"uuid": "4044fdc9-869b-423a-8c9a-6be85d7bde29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2265", "content": "https://github.com/Chocapikk/CVE-2024-3273\n\nD-Link NAS CVE-2024-3273 using tools\n#github #tools #exploit", "creation_timestamp": "2024-04-07T09:32:42.000000Z"}, {"uuid": "e79140a6-b421-4efb-91ed-d12430103292", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "exploited", "source": "https://t.me/thehackernews/4790", "content": "\u26a0\ufe0f Urgent Alert: Hackers are exploiting vulnerabilities (CVE-2024-3272 and CVE-2024-3273) in D-Link NAS devices. \n \nUp to 92,000 devices affected, allowing data theft and device control. \n \nhttps://thehackernews.com/2024/04/critical-flaws-leave-92000-d-link-nas.html \n \nD-Link won't fix it \u2013 upgrade or disconnect ASAP!", "creation_timestamp": "2024-04-09T08:20:54.000000Z"}, {"uuid": "b58e0b9b-dc91-4c49-a8a2-6c8f196fb919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10913", "content": "#exploit\n1. WhatsApp extension manipulation\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n2. CVE-2024-3273:\nCommand Injection and Backdoor Account in D-Link NAS Devices\nhttps://github.com/adhikara13/CVE-2024-3273\n]-> https://github.com/netsecfish/dlink\n]-> tool: https://github.com/Chocapikk/CVE-2024-3273", "creation_timestamp": "2024-11-19T17:52:52.000000Z"}, {"uuid": "990236f6-db71-4b79-aa8a-f153c62085ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-04)", "content": "", "creation_timestamp": "2026-05-04T00:00:00.000000Z"}, {"uuid": "24745e0e-83b8-42c9-8eb8-b435dcfd960c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3ml3qowlvni2r", "content": "[RSS] pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI\n\n\n clearbluejar.github.io -> \n\n+ CVE-2024-3273 analysis (D-Link\n\n\nOriginal->", "creation_timestamp": "2026-05-05T08:16:26.300561Z"}, {"uuid": "fcdb9f86-9b7d-4a05-bf5d-ad18d2c9f961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3273", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/3523", "content": "#exploit\n1. WhatsApp extension manipulation (PoC)\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC\n\n2. CVE-2024-3273:\nCommand Injection and Backdoor Account in D-Link NAS Devices\nhttps://github.com/adhikara13/CVE-2024-3273\n]-> tool: https://github.com/Chocapikk/CVE-2024-3273", "creation_timestamp": "2024-08-16T11:18:09.000000Z"}]}