D-Link DNS-323 2-Bay Network Storage Enclosure

Platform Information https://eu.dlink.com/uk/en/products/dns-323-sharecenter-2-bay-network-storage-enclosure
Search Engine Search on Google
End of Sales Yes more info
End of Support -
Wired Connection Yes
Wireless Connection -
Fingerprinting Source HTTP NIC VENDOR
Added at Jul 09, 2019
Manufacturer Name D-Link Systems, Inc.
Homepage http://www.dlink.com
Headquarters Taiwan
Business Status Ongoing

Platform’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
No records found.
Manufacturer’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
CVE-2019-18852
11/11/2019
HIGH
Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 (for DCN), DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842 C1 v3.00.
CVE-2013-4857
10/25/2019
HIGH
D-Link DIR-865L has PHP File Inclusion in the router xml file.
CVE-2013-4856
10/25/2019
LOW
D-Link DIR-865L has Information Disclosure.
CVE-2013-4855
10/25/2019
HIGH
D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share.
CVE-2019-17512
10/16/2019
MEDIUM
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router's log file via act=clear&logtype=sysact to log_clear.php, which could be used to erase attack traces.