Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this issue is the function Local_Backup_Info of the file /cgi-bin/local_backup_mgr.cgi. This manipulation of the argument f_idx causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.
AnalysisAI
Stack-based buffer overflow in D-Link DNS and DNR network storage devices allows authenticated remote attackers to execute arbitrary code by manipulating the f_idx parameter in the local_backup_mgr.cgi endpoint. Public exploit code exists for this vulnerability, which affects multiple device models up to firmware version 20260205 with no patch currently available. An attacker with valid credentials can trigger memory corruption to achieve complete system compromise including code execution, data theft, and service disruption.
Technical ContextAI
This vulnerability (CWE-121: Stack-based Buffer Overflow) occurs in the /cgi-bin/local_backup_mgr.cgi file where improper handling of the 'f_idx' parameter causes memory corruption. The affected products are D-Link's DNS (ShareCenter) and DNR series NAS devices, which are consumer and small business network storage solutions. These devices typically run embedded Linux with web-based management interfaces. The buffer overflow allows attackers to overwrite stack memory, potentially leading to arbitrary code execution with the privileges of the web server process.
RemediationAI
No patch information is currently available in the provided references. Organizations should immediately check D-Link's official support page (https://www.dlink.com/) for firmware updates. As an interim mitigation, restrict network access to the affected devices' management interfaces, ensuring they are not exposed to the internet. Implement strong authentication and limit user accounts with access to the backup management functionality. Monitor for suspicious activity in device logs, particularly around the local_backup_mgr.cgi endpoint.
Stack-based buffer overflow in D-Link DNS storage appliances (DNS-120, DNS-340L, DNS-1200-05 and others) through the /cg
Stack-based buffer overflow in D-Link NAS devices (DNS-120, DNR-202L, DNS-315L, DNS-320 series, DNS-326, DNS-1100-4, and
Stack-based buffer overflow in D-Link DNS NAS devices (DNS-120 through DNS-1550-04) allows authenticated attackers to ac
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-12284