nickswink/D-Link-NAS-Devices-Unauthenticated-RCE

UNTESTED exploit script for CVE-2024-3272 + CVE-2024-3273. The script exploits a backdoor authentication bypass + arbitrary command injection vulnerability.

Python

Unauthenticated RCE

Backdoor authentication bypass + command injection vulnerability. Script exploits CVE-2024-3272 + CVE-2024-3273.

Credits

Originally discovered @necsecfish - https://github.com/netsecfish/dlink