TRY NOW

D-Link Vulnerability Audit – November 2024

Security Software Vulnerability

Discover D-Link NAS Devices Vulnerable to CVE-2024-10914

D-Link has released a security bulletin addressing the command injection vulnerability tracked as CVE-2024-10914. The vulnerability received a critical CVSS score of 9.2 and affects several models of D-Link NAS devices. In this bulletin, D-Link states that no security updates will be released for the affected devices as the affected devices are all past their end-of-life date. Nonetheless, some of these devices are still widely used and users are advised to retire the affected models and replace them with newer ones. You can read more in our D-Link vulnerability blog post.

The report below will help you locate vulnerable NAS devices. This way you have an actionable overview of all affected devices that you still need your intervention.

Run the D-Link Vulnerability Audit Report Now!

D-Link NAS Vulnerability Audit Lansweeper On-Prem Query

Select Top 1000000 tblAssets.AssetID,
tsysAssetTypes.AssetTypeIcon10 As Icon,
tblAssets.AssetName,
tblAssets.IPAddress,
tblAssets.Description,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysIPLocations.IPLocation,
Case
When (tblAssetCustom.Model Like '%DNS%320%' 
and tblAssetCustom.Model not Like '%L%') Then '1.00'
When tblAssetCustom.Model Like '%DNS%320LW%' Then '1.01.0914.2012'
When tblAssetCustom.Model Like '%DNS%325%' Then '1.01 and 1.02'
When tblAssetCustom.Model Like '%DNS%340L%' Then '1.08'
End As AffectedVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Firstseen,
tblAssets.Lastseen
From tblAssets
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Left Outer Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Left Outer Join tsysOS On tsysOS.OScode = tblAssets.OScode
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblState.Statename = 'Active' and tblAssetCustom.Manufacturer LIKE '%D%Link%'and 
((tblAssetCustom.Model Like '%DNS%320%' and
tblAssetCustom.Model not Like '%L%') or
tblAssetCustom.Model Like '%DNS%320LW%' or
tblAssetCustom.Model Like '%DNS%325%' or
tblAssetCustom.Model Like '%DNS%340L%') ;

Show

Hide

NO CREDIT CARD REQUIRED

Ready to get started?
You’ll be up and running in no time.

Explore all our features, free for 14 days.