top of page
perceptive_background_267k.jpg

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, …

Published:

30 maart 2026 om 22:00:00

Alert date:

31 maart 2026 om 23:02:28

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Network Infrastructure

A stack-based buffer overflow vulnerability affects multiple D-Link NAS devices including DNS and DNR series models up to version 20260205. The vulnerability exists in the cgi_addgroup_get_group_quota_minsize function of /cgi-bin/account_mgr.cgi file. Remote attackers can exploit this by manipulating the Name argument parameter. The exploit has been publicly disclosed and could be actively used by attackers. This affects over 20 different D-Link NAS device models across various series.

Technical details

Mitigation steps:

Affected products:

D-Link DNS-120
D-Link DNR-202L
D-Link DNS-315L
D-Link DNS-320
D-Link DNS-320L
D-Link DNS-320LW
D-Link DNS-321
D-Link DNR-322L
D-Link DNS-323
D-Link DNS-325
D-Link DNS-326
D-Link DNS-327L
D-Link DNR-326
D-Link DNS-340L
D-Link DNS-343
D-Link DNS-345
D-Link DNS-726-4
D-Link DNS-1100-4
D-Link DNS-1200-05
D-Link DNS-1550-04

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-5214
https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_169/169.md
https://vuldb.com/submit/780439
https://vuldb.com/vuln/354349
https://vuldb.com/vuln/354349/cti
https://www.dlink.com/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page