D-Link
By the Year
In 2026 there have been 142 vulnerabilities in D-Link with an average score of 7.4 out of ten. Last year, in 2025, D-Link had 240 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in D-Link in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 0.74.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 142 | 7.39 |
| 2025 | 240 | 8.14 |
| 2024 | 347 | 8.49 |
| 2023 | 85 | 9.01 |
| 2022 | 39 | 9.05 |
| 2021 | 10 | 8.60 |
| 2020 | 11 | 8.00 |
| 2019 | 7 | 9.57 |
| 2018 | 5 | 7.70 |
It may take a day or so for new D-Link vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent D-Link Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-8346 | May 11, 2026 | **D-Link DIR-816 1.10CNB05_R1B011D88210 cmd injection via portForward** A vulnerability was detected in D-Link DIR-816 1.10CNB05_R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ip_address results in command injection. The attack can be initiated remotely. The exploit is now public and may be used. |  |
| CVE-2026-8345 | May 11, 2026 | **D-Link DIR-816 1.10CNB05 Command Injection via /goform/singlePortForward** A security vulnerability has been detected in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this issue is the function sub_445E7C of the file /goform/singlePortForward. Such manipulation of the argument ip_address leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. |  |
| CVE-2026-8344 | May 11, 2026 | **D-Link DIR-816 1.10CNB05_R1B011D88210 CMD Injection in DMZ.cgi (CVE-2026-8344)** A weakness has been identified in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this vulnerability is the function sub_445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. |  |
| CVE-2026-8273 | May 11, 2026 | **D-Link DNS-320 2.06B01 OS Command Injection via /cgi-bin/system_mgr.cgi** A weakness has been identified in D-Link DNS-320 2.06B01. This impacts the function cgi_set_host/cgi_set_ntp/cgi_fan_control/cgi_merge_user of the file /cgi-bin/system_mgr.cgi. This manipulation causes os command injection. It is possible to initiate the attack remotely. |  |
| CVE-2026-8272 | May 11, 2026 | **D-Link DNS-320 2.06B01 Command Injection via webfile_mgr.cgi** A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfile_mgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. |  |
| CVE-2026-8271 | May 11, 2026 | **D-Link DNS-320 2.06B01 Remote OS Command Injection via /cgi-bin/network_mgr.cgi** A vulnerability was identified in D-Link DNS-320 2.06B01. The impacted element is the function cgi_speed/cgi_dhcpd_lease/cgi_ddns/cgi_set_ip/cgi_upnp_del/cgi_dhcpd/cgi_upnp_add/cgi_upnp_edit of the file /cgi-bin/network_mgr.cgi. The manipulation leads to os command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. |  |
| CVE-2026-8260 | May 11, 2026 | **D-Link DCS-935L HNAP Service buffer overflow via AdminPassword (<=1.10.01)** A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnap_service of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used. |  |
| CVE-2026-7857 | May 05, 2026 | **D-Link DI-8100 16.07.26A1 CGI Handler Buffer Overflow (sprintf)** A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. |  |
| CVE-2026-7856 | May 05, 2026 | **Buffer Overflow in D-Link DI-8100 WebMgmt /url_member.asp (v16.07.26A1)** A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /url_member.asp of the component Web Management Interface. Executing a manipulation of the argument Name can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. |  |
| CVE-2026-7855 | May 05, 2026 | **D-Link DI-8100 16.07.26A1 HTTP Request Handler tggl.asp Buffer Overflow** A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tggl_asp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. |  |
| CVE-2026-7854 | May 05, 2026 | **D-Link DI-8100 16.07.26A1 Buffer Overflow in url_rule.asp via POST** A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function url_rule_asp of the file /url_rule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. |  |
| CVE-2026-7853 | May 05, 2026 | **D-Link DI-8100 16.07.26A1 Buffer Overflow in HTTP Handler's sprintf: Remote Exploit** A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /auto_reboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. |  |
| CVE-2026-7851 | May 05, 2026 | **Stack Buffer Overflow in D-Link DI-8100 16.07.26A1 (yyxz.asp)** A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. |  |
| CVE-2026-42376 | May 04, 2026 | **Hardcoded Telnet Backdoor in D-Link DIR-456U (EOL)** D-Link DIR-456U Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01_dlob_dir456U" read from /etc/config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | Dir 456u Firmware |
| CVE-2026-42375 | May 04, 2026 | **CVE-2026-42375: Hardcoded Telnet Backdoor in D-Link DIR-600L (EOL)** D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir600l" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | Dir 600l Firmware |
| CVE-2026-42374 | May 04, 2026 | **D-Link DIR-600L: Hardcoded Telnet Backdoor Grants Root via Custom Telnetd** D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61_dlwbr_dir600L" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | Dir 600l Firmware |
| CVE-2026-42373 | May 04, 2026 | **D-Link DIR-605L B2 Telnet Backdoor Grants Root Access** D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76_dlwbr_dir605L" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | Dir 605l Firmware |
| CVE-2026-42372 | May 04, 2026 | **D-Link DIR-605L Telnet Backdoor to Root Shell Unauth Access** D-Link DIR-605L Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir605l" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | Dir 605l Firmware |
| CVE-2026-7554 | May 01, 2026 | **D-Link M60 <1.20B02 Weak Password Recovery via /usr/bin/httpd Remote** A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes weak password recovery. The attack can be initiated remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The exploit has been publicly disclosed and may be utilized. |  |
| CVE-2026-7289 | Apr 28, 2026 | **D-Link DIR-825M 1.1.12 buffer overflow in sub_414BA8 via submit-url** A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used. | Dir 825m |
| CVE-2026-7288 | Apr 28, 2026 | **D-Link DIR-825M 1.1.12 VPN Config Buffer Overflow (sub_4151FC)** A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub_4151FC of the file /boafrm/formVpnConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. | Dir 825m |
| CVE-2026-7248 | Apr 28, 2026 | **D-Link DI-8100 16.07.26A1 CGI Buffer Overflow: tgfile_htm fn** A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used. |  |
| CVE-2026-7247 | Apr 28, 2026 | **D-Link DI-8100 16.07.26A1 File Extension Handler Buffer Overflow** A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function file_exten_asp of the file file_exten.asp of the component File Extension Handler. The manipulation of the argument Name leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. |  |
| CVE-2026-7069 | Apr 27, 2026 | **D-Link DIR-825 miniupnpd buffer overflow via AddPortMapping (3.00b32)** A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argument NewPortMappingDescription results in buffer overflow. The attack needs to be approached within the local network. The exploit has been released to the public and may be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-7068 | Apr 26, 2026 | **D-Link DIR-825 3.00b32 nmbd Buffer Overflow (Local Net)** A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack can only be initiated within the local network. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-7067 | Apr 26, 2026 | **Command Injection in D-Link DIR-822 udhcpd DHCP Service** A vulnerability was determined in D-Link DIR-822 A_101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-7027 | Apr 26, 2026 | **D-Link DSL-2740R EU_01.15 Wireless Setup XSS via Network Name** A vulnerability was identified in D-Link DSL-2740R EU_01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and might be used. |  |
| CVE-2026-7026 | Apr 26, 2026 | **D-Link DGS-3420 1.50.018 XSS via System Name on Sys Info Settings Page** A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. |  |
| CVE-2026-6947 | Apr 24, 2026 | **D-Link DWM-222W Brute-Force Protection Bypass in USB WiFi Adapter** DWM-222W USB Wi-Fi Adapter developed by D-Link has a Brute-Force Protection Bypass vulnerability, allowing unauthenticated adjacent network attackers to bypass login attempt limits to perform brute-force attacks to gain control over the device. |  |
| CVE-2026-6014 | Apr 10, 2026 | **D-Link DIR-513 1.10 buffer overflow in formAdvanceSetup (POST)** A flaw has been found in D-Link DIR-513 1.10. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup of the component POST Request Handler. This manipulation of the argument webpage causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-6013 | Apr 10, 2026 | **D-Link DIR-513 1.10 Remote Buffer Overflow via formSetRoute** A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /goform/formSetRoute of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-6012 | Apr 10, 2026 | **D-Link DIR-513 1.10 Buffer Overflow via formSetPassword POST Handler** A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file /goform/formSetPassword of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-5984 | Apr 09, 2026 | **D-Link DIR-605L 2.13B01 Buffer Overflow in formSetLog (CVE-2026-5984)** A vulnerability was identified in D-Link DIR-605L 2.13B01. Impacted is the function formSetLog of the file /goform/formSetLog of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-5983 | Apr 09, 2026 | **D-Link DIR-605L 2.13B01 Buffer Overflow via formSetDDNS curTime** A vulnerability was determined in D-Link DIR-605L 2.13B01. This issue affects the function formSetDDNS of the file /goform/formSetDDNS of the component POST Request Handler. Executing a manipulation of the argument curTime can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-5982 | Apr 09, 2026 | **D-Link DIR-605L 2.13B01 Buffer Overflow in formAdvNetwork (curTime)** A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects the function formAdvNetwork of the file /goform/formAdvNetwork of the component POST Request Handler. Performing a manipulation of the argument curTime results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-5981 | Apr 09, 2026 | **Buffer Overflow in D-Link DIR-605L 2.13B01 formAdvFirewall (curTime)** A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall of the file /goform/formAdvFirewall of the component POST Request Handler. Such manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-5980 | Apr 09, 2026 | **DIR-605L 2.13B01 POST RF Buffer Overflow in formSetMACFilter** A flaw has been found in D-Link DIR-605L 2.13B01. Affected by this issue is the function formSetMACFilter of the file /goform/formSetMACFilter of the component POST Request Handler. This manipulation of the argument curTime causes buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-5979 | Apr 09, 2026 | **D-Link DIR-605L 2.13B01 Remote Buffer Overflow in formVirtualServ** A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-5844 | Apr 09, 2026 | **D-Link DIR-882 1.01B02 HNAP1 OS Command Injection via sprintf** A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-5815 | Apr 08, 2026 | **Stack Buffer Overflow in D-Link DIR-645 1.01-1.03 via hedwigcgi_main** A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function hedwigcgi_main of the file /cgi-bin/hedwig.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | Dir 645 |
| CVE-2026-5312 | Apr 01, 2026 | **Improper Access Control in D-Link DNS via /cgi-bin/dsk_mgr.cgi** A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the function FMT_restart/Status_HDInfo/SMART_List/ScanDisk_info/ScanDisk/volume_status/Get_Volume_Mapping/FMT_check_disk_remount_state/FMT_rebuildinfo/FMT_result_list/FMT_result_list_phy/FMT_get_dminfo/FMT_manually_rebuild_info/Get_current_raidtype of the file /cgi-bin/dsk_mgr.cgi. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. |  |
| CVE-2026-5311 | Apr 01, 2026 | **D-Link WebDAV cmd Argument Manipulation Enables ACL Bypass** A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function Webdav_Access_List of the file /cgi-bin/file_center.cgi. Performing a manipulation of the argument cmd results in improper access controls. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. |  |
| CVE-2026-5215 | Mar 31, 2026 | **D-Link DNS Series Improper Access Control in cgi_get_ipv6** A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_get_ipv6 of the file /cgi-bin/network_mgr.cgi. Such manipulation leads to improper access controls. The exploit is publicly available and might be used. |  |
| CVE-2026-5214 | Mar 31, 2026 | **Remote Stack Buffer Overflow in D-Link DNS Router Account Manager CGI** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function cgi_addgroup_get_group_quota_minsize of the file /cgi-bin/account_mgr.cgi. The manipulation of the argument Name results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. |  |
| CVE-2026-5213 | Mar 31, 2026 | **Stack Buffer Overflow in D-Link DNS Router cgi_adduser_to_session** A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The affected element is the function cgi_adduser_to_session of the file /cgi-bin/account_mgr.cgi. This manipulation of the argument read_list causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. |  |
| CVE-2026-5212 | Mar 31, 2026 | **Stack Buffer Overflow in D-Link DNS Router Webdav_Upload_File** A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function Webdav_Upload_File of the file /cgi-bin/webdav_mgr.cgi. The manipulation of the argument f_file leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. |  |
| CVE-2026-5211 | Mar 31, 2026 | **Stack-Based Buffer Overflow in D-Link DNS Router UPnP AV Server** A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function UPnP_AV_Server_Path_Del of the file /cgi-bin/app_mgr.cgi. Executing a manipulation of the argument f_dir can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. |  |
| CVE-2026-5024 | Mar 29, 2026 | **D-Link DIR-513 1.10 SSB in formSetEmail via curTime (remote)** A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-4627 | Mar 24, 2026 | **D-Link DIR-825/825R OS Command Injection in NTP Service (v4.5.1)** A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handler_update_system_time of the file libdeuteron_modules.so of the component NTP Service. The manipulation results in os command injection. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. |  |
| CVE-2026-4555 | Mar 22, 2026 | **D-Link DIR-513 1.10 Stack Buffer Overflow in boa's formEasySetTimezone (curTime)** A weakness has been identified in D-Link DIR-513 1.10. The impacted element is the function formEasySetTimezone of the file /goform/formEasySetTimezone of the component boa. This manipulation of the argument curTime causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer. |  |