A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-32…

A stack-based buffer overflow vulnerability (CVE-2026-4213) affects multiple D-Link NAS devices including DNS and DNR series models. The vulnerability is in the cgi_myfavorite_del_user/cgi_myfavorite_verify functions of /cgi-bin/gui_mgr.cgi file. The flaw can be exploited remotely through manipulation and allows attackers to cause buffer overflow. Public exploits are available, making this a high-priority security concern for affected D-Link network storage devices.