Published on 12 Apr 2024
D-Link has disclosed two vulnerabilities (CVE-2024-3272 & CVE-2024-3273) in their network-attached storage (NAS) devices. These vulnerabilities are reportedly being actively exploited.
The vulnerabilities are:
The vulnerabilities affect the following products:
The affected D-Link products have reached End of Life (EOL). Users and administrators of affected EOL products are advised to retire and replace their devices with products that are still supported by the manufacturer.
More information is available here:
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383