Perceptive Security
SOC/SIEM Consultancy
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, …
Published:
30 March 2026 at 22:00:00
Alert date:
31 March 2026 at 23:02:28
Source:
nvd.nist.gov
Mobile & IoT, Network Infrastructure
A stack-based buffer overflow vulnerability affects multiple D-Link NAS devices including DNS and DNR series models up to version 20260205. The vulnerability exists in the cgi_addgroup_get_group_quota_minsize function of /cgi-bin/account_mgr.cgi file. Remote attackers can exploit this by manipulating the Name argument parameter. The exploit has been publicly disclosed and could be actively used by attackers. This affects over 20 different D-Link NAS device models across various series.
Technical details
Mitigation steps:
Affected products:
D-Link DNS-120
D-Link DNR-202L
D-Link DNS-315L
D-Link DNS-320
D-Link DNS-320L
D-Link DNS-320LW
D-Link DNS-321
D-Link DNR-322L
D-Link DNS-323
D-Link DNS-325
D-Link DNS-326
D-Link DNS-327L
D-Link DNR-326
D-Link DNS-340L
D-Link DNS-343
D-Link DNS-345
D-Link DNS-726-4
D-Link DNS-1100-4
D-Link DNS-1200-05
D-Link DNS-1550-04
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-5214
https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_169/169.md
https://vuldb.com/submit/780439
https://vuldb.com/vuln/354349
https://vuldb.com/vuln/354349/cti
https://www.dlink.com/
Related CVE's:
Related threat actors:
IOC's:
This article was created with the assistance of AI technology by Perceptive.