In a significant cybersecurity revelation, over 92,000 D-Link Network Attached Storage (NAS) devices have been found vulnerable due to critical flaws, putting them at risk of malware attacks. These vulnerabilities, disclosed by a threat researcher known as ‘Netsecfish,’ highlight the dangers posed by two major issues: a hardcoded backdoor account and a command injection flaw. These problems, when combined, could allow attackers to remotely execute commands on the affected devices, leading to unauthorized access and potential data breaches.
The vulnerabilities, collectively referred to under the identifier CVE-2024-3273, specifically impact several models of D-Link NAS devices, including DNS-320L, DNS-325, DNS-327L, and DNS-340L. These devices, now considered end-of-life (EOL) by D-Link, are no longer supported by the manufacturer, leaving them without the possibility of receiving official patches or updates to mitigate these vulnerabilities. The discovery of these flaws underscores the importance of maintaining up-to-date hardware and software to protect against cyber threats.
D-Link has recommended that users of these affected devices retire them and replace them with current models that receive regular firmware updates. Furthermore, the company has published a security bulletin to raise awareness about the flaw and has established a dedicated support page for legacy devices. This situation serves as a stark reminder of the risks associated with continuing to use outdated and unsupported technology, especially when it involves devices connected to the internet.
The vulnerabilities in D-Link’s NAS devices are part of a larger trend of cyber threats targeting NAS devices. For instance, Synology, another NAS manufacturer, warned its users about the StealthWorker botnet, which conducts brute-force attacks to install ransomware on compromised devices. Similarly, CISA has issued warnings about vulnerabilities in other systems, such as Microsoft’s Streaming Service, that have been exploited in malware attacks. These incidents highlight the ongoing challenges in cybersecurity and the need for vigilance and proactive measures to protect against threats.
In response to these vulnerabilities, it’s crucial for organizations and individuals to assess their use of NAS devices and ensure that they are using hardware that is currently supported and regularly updated. Implementing strong passwords, enabling two-factor authentication, and restricting internet access to NAS devices can further mitigate the risk of cyber attacks.
This series of vulnerabilities and the subsequent recommendations serve as a critical reminder of the importance of cybersecurity hygiene in the era of increasing digital threats. As cyber threats continue to evolve, staying informed and taking proactive security measures will be key to protecting sensitive information and maintaining the integrity of digital infrastructures​.