Perceptive Security
SOC/SIEM Consultancy
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-32…
Published:
15 March 2026 at 23:00:00
Alert date:
16 March 2026 at 16:21:26
Source:
nvd.nist.gov
Mobile & IoT, Network Infrastructure
A stack-based buffer overflow vulnerability (CVE-2026-4213) affects multiple D-Link NAS devices including DNS and DNR series models. The vulnerability is in the cgi_myfavorite_del_user/cgi_myfavorite_verify functions of /cgi-bin/gui_mgr.cgi file. The flaw can be exploited remotely through manipulation and allows attackers to cause buffer overflow. Public exploits are available, making this a high-priority security concern for affected D-Link network storage devices.
Technical details
Mitigation steps:
Affected products:
D-Link DNS-120
D-Link DNR-202L
D-Link DNS-315L
D-Link DNS-320
D-Link DNS-320L
D-Link DNS-320LW
D-Link DNS-321
D-Link DNR-322L
D-Link DNS-323
D-Link DNS-325
D-Link DNS-326
D-Link DNS-327L
D-Link DNR-326
D-Link DNS-340L
D-Link DNS-343
D-Link DNS-345
D-Link DNS-726-4
D-Link DNS-1100-4
D-Link DNS-1200-05
D-Link DNS-1550-04
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-4213
https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_162/162.md
https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_163/163.md
https://vuldb.com/?ctiid.351124
https://vuldb.com/?id.351124
https://vuldb.com/?submit.770443
https://vuldb.com/?submit.770444
https://www.dlink.com/
Related CVE's:
Related threat actors:
IOC's:
/cgi-bin/gui_mgr.cgi
This article was created with the assistance of AI technology by Perceptive.