Stack-Based Buffer Overflow in D-Link DNS Router UPnP AV Server
CVE-2026-5211 Published on March 31, 2026

D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Del stack-based overflow
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function UPnP_AV_Server_Path_Del of the file /cgi-bin/app_mgr.cgi. Executing a manipulation of the argument f_dir can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.

NVD

Timeline

Advisory disclosed

VulDB entry created

VulDB entry last update

Weakness Types

What is a Stack Overflow Vulnerability?

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CVE-2026-5211 has been classified to as a Stack Overflow vulnerability or weakness.

What is a Buffer Overflow Vulnerability?

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

CVE-2026-5211 has been classified to as a Buffer Overflow vulnerability or weakness.


Affected Versions

D-Link DNS-120: D-Link DNR-202L: D-Link DNS-315L: D-Link DNS-320: D-Link DNS-320L: D-Link DNS-320LW: D-Link DNS-321: D-Link DNR-322L: D-Link DNS-323: D-Link DNS-325: D-Link DNS-326: D-Link DNS-327L: D-Link DNR-326: D-Link DNS-340L: D-Link DNS-343: D-Link DNS-345: D-Link DNS-726-4: D-Link DNS-1100-4: D-Link DNS-1200-05: D-Link DNS-1550-04:

Exploit Probability

EPSS
0.03%
Percentile
8.43%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.