[Exploit] CVE-2024-3273 : Remote Command Injection
by trampoline - Sunday April 7, 2024 at 07:31 AM
#1
This script exploits CVE-2024-3273 vulnerability found in specific versions of D-Link NAS devices. (D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403.)

It enables command execution and unauthorized access to the affected devices.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The vendor was contacted early and confirmed immediately that the product is end-of-life, so there's no option to patch this vulnerability. 

Hidden Content
You must register or login to view this content.

PS: I dont own source; only sharing for those who need.
Reply
#2
thx Ill check that
Reply
#3
Interesting poc, thanks for sharing!
Reply
#4
Oh handy.   Thank you very much.
Reply
#5
Example Vulns List:

https://95.31.10.75:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://85.241.83.183:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://78.194.4.148:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://135.0.83.46:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://78.192.60.76:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://212.204.182.58:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://62.197.213.36:8443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://60.52.29.209:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://109.196.197.99:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://85.243.192.126:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://118.200.94.154:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://82.64.76.18:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://86.175.205.127:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://94.224.57.54:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://45.170.153.243:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://87.102.103.232:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://175.139.28.222:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://82.0.36.192:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://1.20.164.205:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://5.71.195.114:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://95.79.221.53:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://114.32.179.223:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://99.240.218.159:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://77.103.182.161:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://79.117.59.190:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://194.31.37.158:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://38.50.36.26:80 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://31.46.48.177:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://216.180.65.220:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://93.21.176.14:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://185.166.210.148:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://62.74.84.65:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://188.73.151.89:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://98.177.130.150:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://188.142.194.107:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://154.126.209.145:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://82.65.188.168:80 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://109.190.83.247:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://77.100.12.161:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://96.51.169.216:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://81.103.154.68:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://141.134.19.98:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://78.198.143.78:8443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://200.105.58.249:8080 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://109.68.186.132:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://24.76.188.94:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://68.149.101.200:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://177.5.250.128:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://5.71.195.114:80 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://86.28.250.88:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://81.0.27.84:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://109.213.8.45:444 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://206.248.137.205:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://85.95.167.211:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://5.71.195.114:3128 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://82.65.5.115:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://89.135.129.61:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root) https://219.85.59.251:443 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root)
Reply
#6
Thanks for the resource bro
Reply
#7
dude i really need it pls
Ban reason: Leeching | http://raiddfzn73ir6iyxlf7nwytnujiflddog...an-Appeals if you feel this is incorrect. (Permanent)
Reply
#8
ExclamationExclamation
(04-07-2024, 07:31 AM)trampoline Wrote: This script exploits CVE-2024-3273 vulnerability found in specific versions of D-Link NAS devices. (D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403.)

It enables command execution and unauthorized access to the affected devices.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The vendor was contacted early and confirmed immediately that the product is end-of-life, so there's no option to patch this vulnerability. 



PS: I dont own source; only sharing for those who need.
Reply
#9
Pretty interesting, thanks!
Reply
#10
let me take an look
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Google Dorks for finding SQL injection vulnerabilities and other security issues 1yush 65 2,465 07-02-2026, 02:50 AM
Last Post: NyxeraVX
  Ban Any Discord Exploit PhineasFisher 6 297 02-08-2026, 11:49 PM
Last Post: skype
  Cool Remote Patching ETW/Amsi PoC pepeloco 6 2,094 02-08-2026, 07:58 AM
Last Post: zeroday99
  CVE-2025-40554 - SolarWinds Web Help Desk Auth Bypass & RCE PoC miyako 3 76 02-07-2026, 03:32 PM
Last Post: cysc
  POC CVE-2025-24071 caca28sapo1 15 807 02-07-2026, 08:53 AM
Last Post: hacker0123



 Users browsing this thread: 1 Guest(s)