Join us in-person to celebrate the launch of our first runZero Research Report! Learn more

Start Free Book Demo

Platform
- Overview
  The runZero Platform provides complete security visibility across IT, OT, IoT, cloud, mobile, and remote assets so that you can see and secure everything on your network.
- Integrations
  runZero seamlessly integrates with a wide variety of tools, enhancing network visibility, enriching asset data, and uncovering control gaps.
- Interactive Demos
  Take a deep dive into core features with our interactive demos.
- Community Edition
  Our completely free version of the runZero Platform is ideal for home use and environments with fewer than 100 assets.
Passive discovery reimagined

The new runZero Platform introduces novel passive discovery perfect for OT & ICS environments.

See what's new
Resources
- runZero Blog
  See what's happening at runZero and read up on the latest ideas, opinions, and articles from our experts and researchers.
- Rapid Response
  Respond to 0-day threats immediately with our prebuilt queries and tips from the runZero Research team.
- Resource Center
  Dive into a treasure trove of resources to expand your exposure management knowledge.
  
  Podcasts
  
  Webcasts
  
  Talks
  
  Videos
- Support Resources
  Everything you need to maximize your experience with the runZero Platform.
  
  Documentation
  
  REST API
  
  Open Source
  
  Changelog
Let's connect at RSAC

Meet our team, see what’s new in the Platform, & come relax in our Lounge — located next door to Moscone!

Register for Lounge access
Pricing
Customers
- Our Customers
  Our customers are everything. We're super proud to be trusted by leading organizations around the globe to help them improve their security.
- Case Studies
  See how runZero has empowered security teams to take control of their networks, uncover their unknowns, and save significant time and money.
- Testimonials
  Read reviews of the runZero Platform and see how teams have improved their security with our technology.
Case Study

York University discovered 2.5x more assets with runZero, enabling them to gain clear visibility and reduce risk in an ever-changing environment.

Read the case study
Partners
- Infinity Partner Program
  See how we can work together to provide best-in-class security solutions and outcomes for our joint customers.
- Trusted Advisor Program
  Do you perform project-based consulting services and want to use runZero to deliver great insights? This program is designed for you!
- Partner Directory
  Explore our directory of trusted (and awesome) partners.
- Partner Login
  Login to our Infinity Partner Portal.
Featured Partner

Carahsoft and runZero have joined forces to provide Public Sector customers the solutions they need to secure dynamic attack surfaces.

Read more
About
- About Us
  Wondering who the heck are these people? Meet the team and get the story behind runZero... once upon a time called Rumble.
- Events
  Track down runZero Yetis in the wild! Join us in-person or virtually at one of our upcoming events.
- Investors
  Meet the cybersecurity investors, trailblazers, and innovators who help us navigate our journey and the evolving security landscape.
- Newsroom
  Read the latest articles, announcements, and press releases from runZero.
- Careers
  Want to join our forces? We're looking for bright minds and passionate souls who want to write the next chapter in exposure management.
Life at runZero

Meet the newest rockstar on our squad: Zeti, the runZero Yeti! 🎉 This sub-zero hero is now our official mascot, and we’re excited to give you the lowdown on how Zeti came to be.

Learn more

Join us in-person to celebrate the launch of our first runZero Research Report! Learn more

Overview
The runZero Platform provides complete security visibility across IT, OT, IoT, cloud, mobile, and remote assets so that you can see and secure everything on your network.
Integrations
runZero seamlessly integrates with a wide variety of tools, enhancing network visibility, enriching asset data, and uncovering control gaps.
Interactive Demos
Take a deep dive into core features with our interactive demos.
Community Edition
Our completely free version of the runZero Platform is ideal for home use and environments with fewer than 100 assets.

Passive discovery reimagined

The new runZero Platform introduces novel passive discovery perfect for OT & ICS environments.

See what's new

runZero Blog
See what's happening at runZero and read up on the latest ideas, opinions, and articles from our experts and researchers.
Rapid Response
Respond to 0-day threats immediately with our prebuilt queries and tips from the runZero Research team.
Resource Center
Dive into a treasure trove of resources to expand your exposure management knowledge.
- Podcasts
- Webcasts
- Talks
- Videos
Support Resources
Everything you need to maximize your experience with the runZero Platform.

Let's connect at RSAC

Meet our team, see what’s new in the Platform, & come relax in our Lounge — located next door to Moscone!

Register for Lounge access

Our Customers
Our customers are everything. We're super proud to be trusted by leading organizations around the globe to help them improve their security.
Case Studies
See how runZero has empowered security teams to take control of their networks, uncover their unknowns, and save significant time and money.
Testimonials
Read reviews of the runZero Platform and see how teams have improved their security with our technology.

Case Study

York University discovered 2.5x more assets with runZero, enabling them to gain clear visibility and reduce risk in an ever-changing environment.

Read the case study

About Us
Wondering who the heck are these people? Meet the team and get the story behind runZero... once upon a time called Rumble.
Events
Track down runZero Yetis in the wild! Join us in-person or virtually at one of our upcoming events.
Investors
Meet the cybersecurity investors, trailblazers, and innovators who help us navigate our journey and the evolving security landscape.
Newsroom
Read the latest articles, announcements, and press releases from runZero.
Careers
Want to join our forces? We're looking for bright minds and passionate souls who want to write the next chapter in exposure management.

Life at runZero

Meet the newest rockstar on our squad: Zeti, the runZero Yeti! 🎉 This sub-zero hero is now our official mascot, and we’re excited to give you the lowdown on how Zeti came to be.

Learn more

Infinity Partner Program
See how we can work together to provide best-in-class security solutions and outcomes for our joint customers.
Trusted Advisor Program
Do you perform project-based consulting services and want to use runZero to deliver great insights? This program is designed for you!
Partner Directory
Explore our directory of trusted (and awesome) partners.
Partner Login
Login to our Infinity Partner Portal.

Featured Partner

Carahsoft and runZero have joined forces to provide Public Sector customers the solutions they need to secure dynamic attack surfaces.

Read more

How to find D-Link NAS Storage devices

Blain Smith

Updated April 10, 2024, 11:46am EDT

Latest D-Link vulnerability #

D-Link has disclosed multiple vulnerabilities in their D-Link NAS Storage products.

CVE-2024-3273 is rated high with CVSS score of 7.3 and allows an attacker to manipulate HTTP GET request arguments which can lead to remote command injection and execution.

What is the impact? #

This vulnerability impacts all DNS-340L, DNS-320L, DNS-327L, and DNS-325 network attached storage models. The vulnerabilities report is a Command Injection and Backdoor Account attack for the devices web management interface allowing a malicious user to exploit the devices.

Are updates or workarounds available? #

D-Link identified these devices as End of Life ("EOL")/End of Service Life ("EOS") Life-Cycle and will not receive updates. D-Link recommends these devices be replaced. If they cannot be replaced, then it is recommended that these devices be firewalled off from the public internet to disallow remote access from any other network.

How do I find potentially vulnerable systems with runZero? #

From the Asset Inventory, use the following query to locate systems running potentially vulnerable software:

(vendor:="D-Link" AND product:="DNS%") OR (name:="DNS-340L%" OR name:="DNS-320L%" OR name:="DNS-327L%" OR name:="DNS-325%")

Written by Blain Smith

Blain Smith is a Security Research Engineer at runZero. He spent most of his career in cloud and distributed systems for AAA gaming, entertainment, and networking working on some of the most popular games and systems millions of people play and watch daily. He has given numerous talks conferences such as TEDx, GopherCon, and P99CONF. His shift into infosec has afforded him the ability to apply his distributed systems and networking knowledge to other industries such as IoT and OT.

More about Blain Smith

Related Articles

Rapid Response

How to find Palo Alto Network firewalls running PAN-OS 11.1, 11.0, and 10.2

Palo Alto Networks disclosed that versions of their PAN-OS software have a vulnerability allowing for remote command injection. Here's how to find...

Rapid Response

How to find CrushFTP services

CrushFTP disclosed that versions of their file transfer software have a vulnerability allowing unauthenticated file system access. Here's how to...

Rapid Response

How to find outdated lighttpd services

Outdated versions of the open source lighttpd web server are vulnerable to a handful of security vulnerabilities

Rapid Response

How to find Brocade Fabric OS

On April 4, 2024, Broadcom disclosed a vulnerability in their Fabric OS operating system used in their Brocade storage networking devices. Here's...

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

Try It Free

© Copyright 2024 runZero, Inc. All Rights Reserved