Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
831 vulnerabilities by D-Link
CVE-2026-5312 (GCVE-0-2026-5312)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:30 – Updated: 2026-04-02 13:13
VLAI?
Title
D-Link DNS-1550-04 dsk_mgr.cgi Get_current_raidtype access control
Summary
A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the function FMT_restart/Status_HDInfo/SMART_List/ScanDisk_info/ScanDisk/volume_status/Get_Volume_Mapping/FMT_check_disk_remount_state/FMT_rebuildinfo/FMT_result_list/FMT_result_list_phy/FMT_get_dminfo/FMT_manually_rebuild_info/Get_current_raidtype of the file /cgi-bin/dsk_mgr.cgi. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Ziyue Xie (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5312",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T13:12:44.950286Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T13:13:05.014Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ziyue Xie (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the function FMT_restart/Status_HDInfo/SMART_List/ScanDisk_info/ScanDisk/volume_status/Get_Volume_Mapping/FMT_check_disk_remount_state/FMT_rebuildinfo/FMT_result_list/FMT_result_list_phy/FMT_get_dminfo/FMT_manually_rebuild_info/Get_current_raidtype of the file /cgi-bin/dsk_mgr.cgi. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:30:15.569Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-354641 | D-Link DNS-1550-04 dsk_mgr.cgi Get_current_raidtype access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/354641"
},
{
"name": "VDB-354641 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/354641/cti"
},
{
"name": "Submit #780442 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/780442"
},
{
"name": "Submit #780443 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Improper Access Controls (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/780443"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_172/172.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_173/173.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-01T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-01T14:18:51.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 dsk_mgr.cgi Get_current_raidtype access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5312",
"datePublished": "2026-04-01T20:30:15.569Z",
"dateReserved": "2026-04-01T12:13:37.400Z",
"dateUpdated": "2026-04-02T13:13:05.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5311 (GCVE-0-2026-5311)
Vulnerability from cvelistv5 – Published: 2026-04-01 19:45 – Updated: 2026-04-02 15:27
VLAI?
Title
D-Link DNS-1550-04 file_center.cgi Webdav_Access_List access control
Summary
A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function Webdav_Access_List of the file /cgi-bin/file_center.cgi. Performing a manipulation of the argument cmd results in improper access controls. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Ziyue Xie (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5311",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T15:26:11.181157Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T15:27:57.427Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ziyue Xie (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function Webdav_Access_List of the file /cgi-bin/file_center.cgi. Performing a manipulation of the argument cmd results in improper access controls. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T19:45:14.221Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-354640 | D-Link DNS-1550-04 file_center.cgi Webdav_Access_List access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/354640"
},
{
"name": "VDB-354640 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/354640/cti"
},
{
"name": "Submit #780441 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/780441"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_171/171.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-01T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-01T14:18:48.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 file_center.cgi Webdav_Access_List access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5311",
"datePublished": "2026-04-01T19:45:14.221Z",
"dateReserved": "2026-04-01T12:13:33.464Z",
"dateUpdated": "2026-04-02T15:27:57.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5215 (GCVE-0-2026-5215)
Vulnerability from cvelistv5 – Published: 2026-03-31 21:15 – Updated: 2026-04-01 18:46
VLAI?
Title
D-Link DNS-1550-04 network_mgr.cgi cgi_get_ipv6 access control
Summary
A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_get_ipv6 of the file /cgi-bin/network_mgr.cgi. Such manipulation leads to improper access controls. The exploit is publicly available and might be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Ziyue Xie (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5215",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T18:46:15.471970Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T18:46:26.685Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ziyue Xie (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_get_ipv6 of the file /cgi-bin/network_mgr.cgi. Such manipulation leads to improper access controls. The exploit is publicly available and might be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T21:15:19.202Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-354351 | D-Link DNS-1550-04 network_mgr.cgi cgi_get_ipv6 access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/354351"
},
{
"name": "VDB-354351 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/354351/cti"
},
{
"name": "Submit #780440 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/780440"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_170/170.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-31T12:35:16.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 network_mgr.cgi cgi_get_ipv6 access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5215",
"datePublished": "2026-03-31T21:15:19.202Z",
"dateReserved": "2026-03-31T10:29:41.841Z",
"dateUpdated": "2026-04-01T18:46:26.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5214 (GCVE-0-2026-5214)
Vulnerability from cvelistv5 – Published: 2026-03-31 21:15 – Updated: 2026-04-01 15:53
VLAI?
Title
D-Link DNS-1550-04 account_mgr.cgi cgi_addgroup_get_group_quota_minsize stack-based overflow
Summary
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function cgi_addgroup_get_group_quota_minsize of the file /cgi-bin/account_mgr.cgi. The manipulation of the argument Name results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Ziyue Xie (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5214",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T15:38:40.244697Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:53:13.104Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ziyue Xie (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function cgi_addgroup_get_group_quota_minsize of the file /cgi-bin/account_mgr.cgi. The manipulation of the argument Name results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T21:15:14.464Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-354349 | D-Link DNS-1550-04 account_mgr.cgi cgi_addgroup_get_group_quota_minsize stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/354349"
},
{
"name": "VDB-354349 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/354349/cti"
},
{
"name": "Submit #780439 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/780439"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_169/169.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-31T12:35:06.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 account_mgr.cgi cgi_addgroup_get_group_quota_minsize stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5214",
"datePublished": "2026-03-31T21:15:14.464Z",
"dateReserved": "2026-03-31T10:29:38.215Z",
"dateUpdated": "2026-04-01T15:53:13.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5213 (GCVE-0-2026-5213)
Vulnerability from cvelistv5 – Published: 2026-03-31 20:15 – Updated: 2026-04-01 13:41
VLAI?
Title
D-Link DNS-1550-04 account_mgr.cgi cgi_adduser_to_session stack-based overflow
Summary
A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The affected element is the function cgi_adduser_to_session of the file /cgi-bin/account_mgr.cgi. This manipulation of the argument read_list causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Ziyue Xie (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5213",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T13:41:23.464600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T13:41:31.158Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ziyue Xie (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The affected element is the function cgi_adduser_to_session of the file /cgi-bin/account_mgr.cgi. This manipulation of the argument read_list causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:15:18.498Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-354350 | D-Link DNS-1550-04 account_mgr.cgi cgi_adduser_to_session stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/354350"
},
{
"name": "VDB-354350 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/354350/cti"
},
{
"name": "Submit #780437 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/780437"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_168/168.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-31T12:35:09.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 account_mgr.cgi cgi_adduser_to_session stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5213",
"datePublished": "2026-03-31T20:15:18.498Z",
"dateReserved": "2026-03-31T10:29:35.164Z",
"dateUpdated": "2026-04-01T13:41:31.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5212 (GCVE-0-2026-5212)
Vulnerability from cvelistv5 – Published: 2026-03-31 20:15 – Updated: 2026-04-03 16:40
VLAI?
Title
D-Link DNS-1550-04 webdav_mgr.cgi Webdav_Upload_File stack-based overflow
Summary
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function Webdav_Upload_File of the file /cgi-bin/webdav_mgr.cgi. The manipulation of the argument f_file leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Ziyue Xie (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5212",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-03T16:39:46.497354Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-03T16:40:05.322Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ziyue Xie (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function Webdav_Upload_File of the file /cgi-bin/webdav_mgr.cgi. The manipulation of the argument f_file leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T20:15:13.429Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-354348 | D-Link DNS-1550-04 webdav_mgr.cgi Webdav_Upload_File stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/354348"
},
{
"name": "VDB-354348 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/354348/cti"
},
{
"name": "Submit #780435 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/780435"
},
{
"name": "Submit #780436 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/780436"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_166/166.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-31T12:34:50.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 webdav_mgr.cgi Webdav_Upload_File stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5212",
"datePublished": "2026-03-31T20:15:13.429Z",
"dateReserved": "2026-03-31T10:29:30.918Z",
"dateUpdated": "2026-04-03T16:40:05.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5211 (GCVE-0-2026-5211)
Vulnerability from cvelistv5 – Published: 2026-03-31 19:30 – Updated: 2026-04-01 12:32
VLAI?
Title
D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Del stack-based overflow
Summary
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function UPnP_AV_Server_Path_Del of the file /cgi-bin/app_mgr.cgi. Executing a manipulation of the argument f_dir can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Ziyue Xie (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5211",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T12:28:53.734289Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T12:32:31.520Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ziyue Xie (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function UPnP_AV_Server_Path_Del of the file /cgi-bin/app_mgr.cgi. Executing a manipulation of the argument f_dir can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T19:30:17.872Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-354347 | D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Del stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/354347"
},
{
"name": "VDB-354347 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/354347/cti"
},
{
"name": "Submit #780434 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/780434"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_165/165.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-31T12:34:47.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Del stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5211",
"datePublished": "2026-03-31T19:30:17.872Z",
"dateReserved": "2026-03-31T10:29:27.201Z",
"dateUpdated": "2026-04-01T12:32:31.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-5024 (GCVE-0-2026-5024)
Vulnerability from cvelistv5 – Published: 2026-03-29 02:45 – Updated: 2026-03-30 15:53 Unsupported When Assigned
VLAI?
Title
D-Link DIR-513 formSetEmail stack-based overflow
Summary
A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Credits
LtzHust2 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5024",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-30T15:53:24.205514Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-30T15:53:33.886Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DIR-513",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.10"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LtzHust2 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-29T02:45:13.138Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-353908 | D-Link DIR-513 formSetEmail stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/353908"
},
{
"name": "VDB-353908 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/353908/cti"
},
{
"name": "Submit #778414 | D-Link DIR-513 1.10 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/778414"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Litengzheng/vul_db/blob/main/Dir513/vul_30/README.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-27T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-27T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-27T15:34:13.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DIR-513 formSetEmail stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-5024",
"datePublished": "2026-03-29T02:45:13.138Z",
"dateReserved": "2026-03-27T14:29:09.375Z",
"dateUpdated": "2026-03-30T15:53:33.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4627 (GCVE-0-2026-4627)
Vulnerability from cvelistv5 – Published: 2026-03-24 03:32 – Updated: 2026-03-24 13:33 Unsupported When Assigned
VLAI?
Title
D-Link DIR-825/DIR-825R NTP Service libdeuteron_modules.so handler_update_system_time os command injection
Summary
A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handler_update_system_time of the file libdeuteron_modules.so of the component NTP Service. The manipulation results in os command injection. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
Credits
1935648903 (VulDB User)
VulDB
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4627",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-24T13:33:18.231606Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T13:33:31.838Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"NTP Service"
],
"product": "DIR-825",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.0.5"
},
{
"status": "affected",
"version": "4.5.1"
}
]
},
{
"modules": [
"NTP Service"
],
"product": "DIR-825R",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.0.5"
},
{
"status": "affected",
"version": "4.5.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "1935648903 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handler_update_system_time of the file libdeuteron_modules.so of the component NTP Service. The manipulation results in os command injection. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 8.3,
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T03:32:49.354Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-352495 | D-Link DIR-825/DIR-825R NTP Service libdeuteron_modules.so handler_update_system_time os command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.352495"
},
{
"name": "VDB-352495 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.352495"
},
{
"name": "Submit #775794 | D-Link DIR-825I 1.0.5 OS Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.775794"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-23T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-23T07:35:13.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DIR-825/DIR-825R NTP Service libdeuteron_modules.so handler_update_system_time os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4627",
"datePublished": "2026-03-24T03:32:49.354Z",
"dateReserved": "2026-03-23T06:30:08.559Z",
"dateUpdated": "2026-03-24T13:33:31.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4555 (GCVE-0-2026-4555)
Vulnerability from cvelistv5 – Published: 2026-03-22 16:51 – Updated: 2026-03-23 15:28 Unsupported When Assigned
VLAI?
Title
D-Link DIR-513 boa formEasySetTimezone memory corruption
Summary
A weakness has been identified in D-Link DIR-513 1.10. The impacted element is the function formEasySetTimezone of the file /goform/formEasySetTimezone of the component boa. This manipulation of the argument curTime causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Credits
LtzHust2 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4555",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T15:28:03.109187Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:28:12.714Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"boa"
],
"product": "DIR-513",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.10"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LtzHust2 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in D-Link DIR-513 1.10. The impacted element is the function formEasySetTimezone of the file /goform/formEasySetTimezone of the component boa. This manipulation of the argument curTime causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-22T16:51:22.507Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-352382 | D-Link DIR-513 boa formEasySetTimezone memory corruption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.352382"
},
{
"name": "VDB-352382 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.352382"
},
{
"name": "Submit #774936 | D-Link DIR-513 1.10 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.774936"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Litengzheng/vul_db/blob/main/Dir513/vul_24/README.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-21T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-21T18:07:09.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DIR-513 boa formEasySetTimezone memory corruption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4555",
"datePublished": "2026-03-22T16:51:22.507Z",
"dateReserved": "2026-03-21T17:01:53.514Z",
"dateUpdated": "2026-03-23T15:28:12.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4529 (GCVE-0-2026-4529)
Vulnerability from cvelistv5 – Published: 2026-03-21 23:02 – Updated: 2026-03-23 16:33 Unsupported When Assigned
VLAI?
Title
D-Link DHP-1320 SOAP redirect_count_down_page stack-based overflow
Summary
A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Credits
xiaobor123 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4529",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T16:33:14.781902Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T16:33:38.375Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"SOAP Handler"
],
"product": "DHP-1320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.00WWB04"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "xiaobor123 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-21T23:02:14.289Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-352317 | D-Link DHP-1320 SOAP redirect_count_down_page stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.352317"
},
{
"name": "VDB-352317 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.352317"
},
{
"name": "Submit #773932 | DLink dhp-1320 A1 v1.00WWB04 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.773932"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dhp1320-dlink"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-21T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-21T08:47:15.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DHP-1320 SOAP redirect_count_down_page stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4529",
"datePublished": "2026-03-21T23:02:14.289Z",
"dateReserved": "2026-03-21T07:42:09.435Z",
"dateUpdated": "2026-03-23T16:33:38.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4499 (GCVE-0-2026-4499)
Vulnerability from cvelistv5 – Published: 2026-03-20 19:32 – Updated: 2026-03-20 19:55
VLAI?
Title
D-Link DIR-820LW SSDP ssdpcgi_main os command injection
Summary
A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgi_main of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Credits
junqi (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4499",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-20T19:55:34.577425Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T19:55:44.639Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"SSDP"
],
"product": "DIR-820LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "2.03"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "junqi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgi_main of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T19:32:15.317Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-352055 | D-Link DIR-820LW SSDP ssdpcgi_main os command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.352055"
},
{
"name": "VDB-352055 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.352055"
},
{
"name": "Submit #773883 | D-Link DIR-820LW B2.03 OS Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.773883"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/yunleeeee/cve/issues/1"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/user-attachments/files/25790888/OS.Command.Injection.in.D-Link.DIR-820LW.B2.03.via.the.HTTP_ST.environment.variable.in.ssdpcgi_main.function.zip"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-20T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-20T13:26:19.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DIR-820LW SSDP ssdpcgi_main os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4499",
"datePublished": "2026-03-20T19:32:15.317Z",
"dateReserved": "2026-03-20T12:21:12.110Z",
"dateUpdated": "2026-03-20T19:55:44.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4486 (GCVE-0-2026-4486)
Vulnerability from cvelistv5 – Published: 2026-03-20 14:02 – Updated: 2026-03-20 14:35 Unsupported When Assigned
VLAI?
Title
D-Link DIR-513 Web Service formEasySetPassword stack-based overflow
Summary
A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Credits
AttackingLin (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4486",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-20T14:35:28.432922Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T14:35:33.407Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Web Service"
],
"product": "DIR-513",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.10"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "AttackingLin (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T14:02:14.729Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-352009 | D-Link DIR-513 Web Service formEasySetPassword stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.352009"
},
{
"name": "VDB-352009 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.352009"
},
{
"name": "Submit #773537 | D-Link DIR-513 1.10 Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.773537"
},
{
"name": "Submit #773566 | D-Link DIR-513 1.10 Buffer Overflow (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.773566"
},
{
"tags": [
"related"
],
"url": "https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formEasySetPassword/formEasySetPassword.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formEasySetPassword/poc.py"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-20T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-20T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-20T09:23:42.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DIR-513 Web Service formEasySetPassword stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4486",
"datePublished": "2026-03-20T14:02:14.729Z",
"dateReserved": "2026-03-20T08:18:38.288Z",
"dateUpdated": "2026-03-20T14:35:33.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4465 (GCVE-0-2026-4465)
Vulnerability from cvelistv5 – Published: 2026-03-20 02:02 – Updated: 2026-03-20 14:40 Unsupported When Assigned
VLAI?
Title
D-Link DIR-513 formSysCmd os command injection
Summary
A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Credits
AttackingLin (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4465",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-20T14:40:31.350906Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T14:40:38.611Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DIR-513",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.10"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "AttackingLin (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T02:02:14.751Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351755 | D-Link DIR-513 formSysCmd os command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351755"
},
{
"name": "VDB-351755 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351755"
},
{
"name": "Submit #772866 | D-Link DIR-513 1.10 RCE",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.772866"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formSysCmd.pdf"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-19T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-19T21:34:01.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DIR-513 formSysCmd os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4465",
"datePublished": "2026-03-20T02:02:14.751Z",
"dateReserved": "2026-03-19T20:28:56.507Z",
"dateUpdated": "2026-03-20T14:40:38.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4214 (GCVE-0-2026-4214)
Vulnerability from cvelistv5 – Published: 2026-03-16 04:32 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Setting stack-based overflow
Summary
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function UPnP_AV_Server_Path_Setting of the file /cgi-bin/app_mgr.cgi. Executing a manipulation can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjq123 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4214",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:25:50.340086Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:37.489Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjq123 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function UPnP_AV_Server_Path_Setting of the file /cgi-bin/app_mgr.cgi. Executing a manipulation can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T04:32:10.373Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351125 | D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Setting stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351125"
},
{
"name": "VDB-351125 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351125"
},
{
"name": "Submit #770445 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770445"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_164/164.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T13:08:11.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Setting stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4214",
"datePublished": "2026-03-16T04:32:10.373Z",
"dateReserved": "2026-03-15T12:02:57.695Z",
"dateUpdated": "2026-03-16T14:40:37.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4213 (GCVE-0-2026-4213)
Vulnerability from cvelistv5 – Published: 2026-03-16 04:02 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 gui_mgr.cgi cgi_myfavorite_verify stack-based overflow
Summary
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function cgi_myfavorite_del_user/cgi_myfavorite_verify of the file /cgi-bin/gui_mgr.cgi. Performing a manipulation results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjqwudi (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4213",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:27:31.903041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:37.269Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjqwudi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function cgi_myfavorite_del_user/cgi_myfavorite_verify of the file /cgi-bin/gui_mgr.cgi. Performing a manipulation results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T04:02:09.641Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351124 | D-Link DNS-1550-04 gui_mgr.cgi cgi_myfavorite_verify stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351124"
},
{
"name": "VDB-351124 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351124"
},
{
"name": "Submit #770443 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770443"
},
{
"name": "Submit #770444 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770444"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_162/162.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_163/163.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T13:07:59.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 gui_mgr.cgi cgi_myfavorite_verify stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4213",
"datePublished": "2026-03-16T04:02:09.641Z",
"dateReserved": "2026-03-15T12:02:52.367Z",
"dateUpdated": "2026-03-16T14:40:37.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4212 (GCVE-0-2026-4212)
Vulnerability from cvelistv5 – Published: 2026-03-16 03:32 – Updated: 2026-03-16 15:30
VLAI?
Title
D-Link DNS-1550-04 download_mgr.cgi Downloads_Schedule_Info stack-based overflow
Summary
A security vulnerability has been detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function Downloads_Schedule_Info of the file /cgi-bin/download_mgr.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjqwudi (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4212",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T15:30:18.101617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T15:30:26.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjqwudi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function Downloads_Schedule_Info of the file /cgi-bin/download_mgr.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T03:32:14.004Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351123 | D-Link DNS-1550-04 download_mgr.cgi Downloads_Schedule_Info stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351123"
},
{
"name": "VDB-351123 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351123"
},
{
"name": "Submit #770442 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770442"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_161/161.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T13:07:55.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 download_mgr.cgi Downloads_Schedule_Info stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4212",
"datePublished": "2026-03-16T03:32:14.004Z",
"dateReserved": "2026-03-15T12:02:46.389Z",
"dateUpdated": "2026-03-16T15:30:26.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4211 (GCVE-0-2026-4211)
Vulnerability from cvelistv5 – Published: 2026-03-16 03:32 – Updated: 2026-03-16 15:30
VLAI?
Title
D-Link DNS-1550-04 local_backup_mgr.cgi Local_Backup_Info stack-based overflow
Summary
A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this issue is the function Local_Backup_Info of the file /cgi-bin/local_backup_mgr.cgi. This manipulation of the argument f_idx causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjqwudi (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4211",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T15:30:50.377709Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T15:30:57.338Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjqwudi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this issue is the function Local_Backup_Info of the file /cgi-bin/local_backup_mgr.cgi. This manipulation of the argument f_idx causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T03:32:10.022Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351122 | D-Link DNS-1550-04 local_backup_mgr.cgi Local_Backup_Info stack-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351122"
},
{
"name": "VDB-351122 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351122"
},
{
"name": "Submit #770441 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770441"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_160/160.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T13:04:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 local_backup_mgr.cgi Local_Backup_Info stack-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4211",
"datePublished": "2026-03-16T03:32:10.022Z",
"dateReserved": "2026-03-15T11:59:27.035Z",
"dateUpdated": "2026-03-16T15:30:57.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4210 (GCVE-0-2026-4210)
Vulnerability from cvelistv5 – Published: 2026-03-16 03:02 – Updated: 2026-03-16 15:31
VLAI?
Title
D-Link DNS-1550-04 time_machine.cgi cgi_tm_set_share command injection
Summary
A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the function cgi_tm_set_share of the file /cgi-bin/time_machine.cgi. The manipulation of the argument Name results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjqwudi (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4210",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T15:31:21.237679Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T15:31:27.493Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjqwudi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the function cgi_tm_set_share of the file /cgi-bin/time_machine.cgi. The manipulation of the argument Name results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T03:02:16.888Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351121 | D-Link DNS-1550-04 time_machine.cgi cgi_tm_set_share command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351121"
},
{
"name": "VDB-351121 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351121"
},
{
"name": "Submit #770440 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770440"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_159/159.md"
},
{
"tags": [
"broken-link",
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T13:03:22.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 time_machine.cgi cgi_tm_set_share command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4210",
"datePublished": "2026-03-16T03:02:16.888Z",
"dateReserved": "2026-03-15T11:58:18.779Z",
"dateUpdated": "2026-03-16T15:31:27.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4209 (GCVE-0-2026-4209)
Vulnerability from cvelistv5 – Published: 2026-03-16 02:32 – Updated: 2026-03-16 15:31
VLAI?
Title
D-Link DNS-1550-04 account_mgr.cgi cgi_chg_admin_pw command injection
Summary
A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function cgi_create_import_users/cgi_user_batch_create/cgi_user_set_quota/cgi_user_del/cgi_user_modify/cgi_group_set_quota/cgi_group_modify/cgi_group_add/cgi_user_add/cgi_get_modify_group_info/cgi_chg_admin_pw of the file /cgi-bin/account_mgr.cgi. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjqwudi (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4209",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T15:31:50.168450Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T15:31:58.188Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjqwudi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function cgi_create_import_users/cgi_user_batch_create/cgi_user_set_quota/cgi_user_del/cgi_user_modify/cgi_group_set_quota/cgi_group_modify/cgi_group_add/cgi_user_add/cgi_get_modify_group_info/cgi_chg_admin_pw of the file /cgi-bin/account_mgr.cgi. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T02:32:13.384Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351120 | D-Link DNS-1550-04 account_mgr.cgi cgi_chg_admin_pw command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351120"
},
{
"name": "VDB-351120 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351120"
},
{
"name": "Submit #770429 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770429"
},
{
"name": "Submit #770430 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770430"
},
{
"name": "Submit #770431 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770431"
},
{
"name": "Submit #770432 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770432"
},
{
"name": "Submit #770433 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770433"
},
{
"name": "Submit #770434 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770434"
},
{
"name": "Submit #770435 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770435"
},
{
"name": "Submit #770436 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770436"
},
{
"name": "Submit #770437 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770437"
},
{
"name": "Submit #770438 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770438"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_148/148.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_149/149.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T13:01:06.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 account_mgr.cgi cgi_chg_admin_pw command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4209",
"datePublished": "2026-03-16T02:32:13.384Z",
"dateReserved": "2026-03-15T11:55:59.083Z",
"dateUpdated": "2026-03-16T15:31:58.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4207 (GCVE-0-2026-4207)
Vulnerability from cvelistv5 – Published: 2026-03-16 02:32 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 system_mgr.cgi cgi_ntp_time command injection
Summary
A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function cgi_device/cgi_sms_test/cgi_firmware_upload/cgi_ntp_time of the file /cgi-bin/system_mgr.cgi. Executing a manipulation can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Bond_yes (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4207",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:28:23.019189Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:37.095Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Bond_yes (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function cgi_device/cgi_sms_test/cgi_firmware_upload/cgi_ntp_time of the file /cgi-bin/system_mgr.cgi. Executing a manipulation can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T02:32:08.998Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351119 | D-Link DNS-1550-04 system_mgr.cgi cgi_ntp_time command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351119"
},
{
"name": "VDB-351119 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351119"
},
{
"name": "Submit #770420 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770420"
},
{
"name": "Submit #770422 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770422"
},
{
"name": "Submit #770423 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770423"
},
{
"name": "Submit #770425 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770425"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_141/141.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_142/142.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T12:56:19.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 system_mgr.cgi cgi_ntp_time command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4207",
"datePublished": "2026-03-16T02:32:08.998Z",
"dateReserved": "2026-03-15T11:51:15.813Z",
"dateUpdated": "2026-03-16T14:40:37.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4206 (GCVE-0-2026-4206)
Vulnerability from cvelistv5 – Published: 2026-03-16 02:02 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 dsk_mgr.cgi ScanDisk_run_e2fsck command injection
Summary
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function FMT_rebuild_diskmgr/FMT_create_diskmgr/ScanDisk_run_e2fsck of the file /cgi-bin/dsk_mgr.cgi. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Bond_yes (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4206",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:28:50.753053Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:36.926Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Bond_yes (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function FMT_rebuild_diskmgr/FMT_create_diskmgr/ScanDisk_run_e2fsck of the file /cgi-bin/dsk_mgr.cgi. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T02:02:10.513Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351118 | D-Link DNS-1550-04 dsk_mgr.cgi ScanDisk_run_e2fsck command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351118"
},
{
"name": "VDB-351118 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351118"
},
{
"name": "Submit #770417 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770417"
},
{
"name": "Submit #770418 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770418"
},
{
"name": "Submit #770419 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770419"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_138/138.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_139/139.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T12:53:59.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 dsk_mgr.cgi ScanDisk_run_e2fsck command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4206",
"datePublished": "2026-03-16T02:02:10.513Z",
"dateReserved": "2026-03-15T11:48:52.848Z",
"dateUpdated": "2026-03-16T14:40:36.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4205 (GCVE-0-2026-4205)
Vulnerability from cvelistv5 – Published: 2026-03-16 01:32 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 app_mgr.cgi FTP_Server_BlockIP_Del command injection
Summary
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_refresh_db/FTP_Server_BlockIP_Add/FTP_Server_BlockIP_Del of the file /cgi-bin/app_mgr.cgi. Such manipulation leads to command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Bond (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4205",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:29:32.625443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:36.751Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Bond (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_refresh_db/FTP_Server_BlockIP_Add/FTP_Server_BlockIP_Del of the file /cgi-bin/app_mgr.cgi. Such manipulation leads to command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T01:32:09.418Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351117 | D-Link DNS-1550-04 app_mgr.cgi FTP_Server_BlockIP_Del command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351117"
},
{
"name": "VDB-351117 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351117"
},
{
"name": "Submit #770410 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770410"
},
{
"name": "Submit #770411 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770411"
},
{
"name": "Submit #770412 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770412"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_131/131.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_132/132.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T12:42:00.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 app_mgr.cgi FTP_Server_BlockIP_Del command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4205",
"datePublished": "2026-03-16T01:32:09.418Z",
"dateReserved": "2026-03-15T11:36:55.279Z",
"dateUpdated": "2026-03-16T14:40:36.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4204 (GCVE-0-2026-4204)
Vulnerability from cvelistv5 – Published: 2026-03-16 01:02 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 gui_mgr.cgi cgi_mycloud_auto_downlaod command injection
Summary
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The affected element is the function cgi_myfavorite_add/cgi_myfavorite_set/cgi_myfavorite_del/cgi_myfavorite_set_sort_info/cgi_myfavorite_remove_apkg/cgi_myfavorite_compare_apkg/cgi_mycloud_auto_downlaod of the file /cgi-bin/gui_mgr.cgi. This manipulation of the argument f_user causes command injection. Remote exploitation of the attack is possible. The exploit has been published and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Bond (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4204",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:30:15.572243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:36.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Bond (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The affected element is the function cgi_myfavorite_add/cgi_myfavorite_set/cgi_myfavorite_del/cgi_myfavorite_set_sort_info/cgi_myfavorite_remove_apkg/cgi_myfavorite_compare_apkg/cgi_mycloud_auto_downlaod of the file /cgi-bin/gui_mgr.cgi. This manipulation of the argument f_user causes command injection. Remote exploitation of the attack is possible. The exploit has been published and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T01:02:15.336Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351116 | D-Link DNS-1550-04 gui_mgr.cgi cgi_mycloud_auto_downlaod command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351116"
},
{
"name": "VDB-351116 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351116"
},
{
"name": "Submit #770409 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770409"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_130/130.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T12:40:29.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 gui_mgr.cgi cgi_mycloud_auto_downlaod command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4204",
"datePublished": "2026-03-16T01:02:15.336Z",
"dateReserved": "2026-03-15T11:35:22.425Z",
"dateUpdated": "2026-03-16T14:40:36.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4203 (GCVE-0-2026-4203)
Vulnerability from cvelistv5 – Published: 2026-03-16 01:02 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 network_mgr.cgi cgi_dhcpd command injection
Summary
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function cgi_portforwarding_add/cgi_portforwarding_del/cgi_portforwarding_modify/cgi_portforwarding_add_scan/cgi_dhcpd_lease/cgi_ddns/cgi_ip/cgi_dhcpd of the file /cgi-bin/network_mgr.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjq123 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4203",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:30:37.762818Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:36.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjq123 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function cgi_portforwarding_add/cgi_portforwarding_del/cgi_portforwarding_modify/cgi_portforwarding_add_scan/cgi_dhcpd_lease/cgi_ddns/cgi_ip/cgi_dhcpd of the file /cgi-bin/network_mgr.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T01:02:10.990Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351115 | D-Link DNS-1550-04 network_mgr.cgi cgi_dhcpd command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351115"
},
{
"name": "VDB-351115 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351115"
},
{
"name": "Submit #770401 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770401"
},
{
"name": "Submit #770402 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770402"
},
{
"name": "Submit #770403 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770403"
},
{
"name": "Submit #770404 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 command (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770404"
},
{
"name": "Submit #770405 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770405"
},
{
"name": "Submit #770406 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770406"
},
{
"name": "Submit #770407 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770407"
},
{
"name": "Submit #770408 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770408"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_122/122.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_123/123.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T12:38:47.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 network_mgr.cgi cgi_dhcpd command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4203",
"datePublished": "2026-03-16T01:02:10.990Z",
"dateReserved": "2026-03-15T11:33:42.215Z",
"dateUpdated": "2026-03-16T14:40:36.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4197 (GCVE-0-2026-4197)
Vulnerability from cvelistv5 – Published: 2026-03-15 23:32 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 download_mgr.cgi RSS_Item_List command injection
Summary
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function RSS_Get_Update_Status/RSS_Update/RSS_Channel_AutoDownlaod/RSS_Add/RSS_Channel_Item_Downlaod/RSS_History_Item_List/RSS_Item_List of the file /cgi-bin/download_mgr.cgi. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjq123 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4197",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:30:58.164038Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:36.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjq123 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function RSS_Get_Update_Status/RSS_Update/RSS_Channel_AutoDownlaod/RSS_Add/RSS_Channel_Item_Downlaod/RSS_History_Item_List/RSS_Item_List of the file /cgi-bin/download_mgr.cgi. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made public and could be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T23:32:15.445Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351109 | D-Link DNS-1550-04 download_mgr.cgi RSS_Item_List command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351109"
},
{
"name": "VDB-351109 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351109"
},
{
"name": "Submit #769864 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769864"
},
{
"name": "Submit #769865 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769865"
},
{
"name": "Submit #769866 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769866"
},
{
"name": "Submit #769867 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769867"
},
{
"name": "Submit #769868 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769868"
},
{
"name": "Submit #769869 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769869"
},
{
"name": "Submit #769870 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769870"
},
{
"name": "Submit #770363 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770363"
},
{
"name": "Submit #770364 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.770364"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_102/102.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_103/103.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T09:28:26.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 download_mgr.cgi RSS_Item_List command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4197",
"datePublished": "2026-03-15T23:32:15.445Z",
"dateReserved": "2026-03-15T08:22:57.970Z",
"dateUpdated": "2026-03-16T14:40:36.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4196 (GCVE-0-2026-4196)
Vulnerability from cvelistv5 – Published: 2026-03-15 23:32 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 remote_backup.cgi cgi_set_rsync_server command injection
Summary
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function cgi_recovery/cgi_backup_now/cgi_set_schedule/cgi_set_rsync_server of the file /cgi-bin/remote_backup.cgi. The manipulation leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjq123 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4196",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:31:29.404938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:35.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjq123 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function cgi_recovery/cgi_backup_now/cgi_set_schedule/cgi_set_rsync_server of the file /cgi-bin/remote_backup.cgi. The manipulation leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T23:32:11.114Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351108 | D-Link DNS-1550-04 remote_backup.cgi cgi_set_rsync_server command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351108"
},
{
"name": "VDB-351108 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351108"
},
{
"name": "Submit #769855 | D-Link DNS-120\u3001DNR-202L\u3001DNS-315L\u3001DNS-320\u3001DNS-320L\u3001DNS-320LW\u3001DNS-321\u3001DNR-322L\u3001DNS-323\u3001DNS-325\u3001DNS-326\u3001DNS-327L\u3001DNR-326\u3001DNS-340L\u3001DNS-343\u3001 up to 20260205 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769855"
},
{
"name": "Submit #769856 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769856"
},
{
"name": "Submit #769857 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769857"
},
{
"name": "Submit #769858 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769858"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_98/98.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_99/99.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T09:28:01.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 remote_backup.cgi cgi_set_rsync_server command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4196",
"datePublished": "2026-03-15T23:32:11.114Z",
"dateReserved": "2026-03-15T08:22:51.610Z",
"dateUpdated": "2026-03-16T14:40:35.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4195 (GCVE-0-2026-4195)
Vulnerability from cvelistv5 – Published: 2026-03-15 23:02 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 wizard_mgr.cgi command injection
Summary
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects an unknown function of the file /cgi-bin/wizard_mgr.cgi. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjq123 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4195",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:31:49.086500Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:35.838Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjq123 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects an unknown function of the file /cgi-bin/wizard_mgr.cgi. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T23:02:19.813Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351107 | D-Link DNS-1550-04 wizard_mgr.cgi command injection",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.351107"
},
{
"name": "VDB-351107 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351107"
},
{
"name": "Submit #769854 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769854"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_97/97.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T09:27:54.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 wizard_mgr.cgi command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4195",
"datePublished": "2026-03-15T23:02:19.813Z",
"dateReserved": "2026-03-15T08:22:46.311Z",
"dateUpdated": "2026-03-16T14:40:35.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4194 (GCVE-0-2026-4194)
Vulnerability from cvelistv5 – Published: 2026-03-15 23:02 – Updated: 2026-03-16 14:40
VLAI?
Title
D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control
Summary
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_set_wto of the file /cgi-bin/system_mgr.cgi. Performing a manipulation results in improper access controls. Remote exploitation of the attack is possible. The exploit is now public and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| D-Link | DNS-120 |
Affected:
20260205
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
pjq123 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4194",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:32:18.747756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:35.694Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DNS-120",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-202L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-315L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-320LW",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-321",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-322L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-323",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-325",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-327L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNR-326",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-340L",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-343",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-345",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-726-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1100-4",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1200-05",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
},
{
"product": "DNS-1550-04",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "20260205"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjq123 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_set_wto of the file /cgi-bin/system_mgr.cgi. Performing a manipulation results in improper access controls. Remote exploitation of the attack is possible. The exploit is now public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T23:02:14.929Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351106 | D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351106"
},
{
"name": "VDB-351106 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351106"
},
{
"name": "Submit #769853 | D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Authentication Bypass Issues",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769853"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_96/96.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T09:27:48.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4194",
"datePublished": "2026-03-15T23:02:14.929Z",
"dateReserved": "2026-03-15T08:22:37.852Z",
"dateUpdated": "2026-03-16T14:40:35.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4193 (GCVE-0-2026-4193)
Vulnerability from cvelistv5 – Published: 2026-03-15 23:02 – Updated: 2026-03-16 14:40 Unsupported When Assigned
VLAI?
Title
D-Link DIR-823G goahead UpdateClientInfo access control
Summary
A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Credits
pjqwudi (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4193",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-16T14:33:07.803381Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-16T14:40:35.349Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"goahead"
],
"product": "DIR-823G",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "1.0.2B05"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "pjqwudi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T23:02:10.715Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-351105 | D-Link DIR-823G goahead UpdateClientInfo access control",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.351105"
},
{
"name": "VDB-351105 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.351105"
},
{
"name": "Submit #769835 | D-Link 1.0.2B05 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769835"
},
{
"name": "Submit #769836 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769836"
},
{
"name": "Submit #769837 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769837"
},
{
"name": "Submit #769838 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769838"
},
{
"name": "Submit #769839 | D-Link DIR823G 1.0.2B05 Stack-based Buffer Overflow (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769839"
},
{
"name": "Submit #769841 | D-Link DIR823G 1.0.2B05 Improper Access Controls (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.769841"
},
{
"tags": [
"related"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_91/91.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link7/vuln_92/92.md"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-15T09:12:43.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DIR-823G goahead UpdateClientInfo access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-4193",
"datePublished": "2026-03-15T23:02:10.715Z",
"dateReserved": "2026-03-15T08:07:31.639Z",
"dateUpdated": "2026-03-16T14:40:35.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}