 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2024-3274 |
| Description: | ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259285 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2024-3274 Submit #304706 | D-LINK DNS-327L, DNS-320L, DNS-320LW Version=1.02.0329.2013, Version=1.01.0914.2012, Version=1.01.0914.2012, Version=1.00.0409.2013 Exposure of Sensitive Information to an Unauthorized Actor https://vuldb.com/?submit.304706 VDB-259285 | CTI Indicators (IOB, IOC, TTP, IOA) https://vuldb.com/?ctiid.259285 VDB-259285 | D-Link DNS-320L/DNS-320LW/DNS-327L HTTP GET Request info.cgi information disclosure https://vuldb.com/?id.259285 https://github.com/netsecfish/info_cgi https://github.com/netsecfish/info_cgi https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 |