D-Link DNS-120 Series Stack-Buffer Overflow via Downloads_Schedule_Info
CVE-2026-4212 Published on March 16, 2026
D-Link DNS-1550-04 download_mgr.cgi Downloads_Schedule_Info stack-based overflow
A security vulnerability has been detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function Downloads_Schedule_Info of the file /cgi-bin/download_mgr.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Types
What is a Stack Overflow Vulnerability?
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2026-4212 has been classified to as a Stack Overflow vulnerability or weakness.
What is a Buffer Overflow Vulnerability?
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
CVE-2026-4212 has been classified to as a Buffer Overflow vulnerability or weakness.
Affected Versions
D-Link DNS-120:- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.
- Version 20260205 is affected.