CVE-2024-3274
MEDIUM NUCLEID-Link DNS-320L, DNS-320LW, DNS-327L <20240403 - Info Disclosure
Title source: llmDescription
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259285 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
Nuclei Templates (1)
D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure
MEDIUMVERIFIEDby DhiyaneshDk
FOFA:
body="Text:In order to access the ShareCenter"
References (5)
Scores
CVSS v3
5.3
EPSS
0.5787
EPSS Percentile
98.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (3)
D-Link/DNS-320L
20240403
D-Link/DNS-320LW
20240403
D-Link/DNS-327L
20240403
Published
Apr 04, 2024
Tracked Since
Feb 18, 2026