Skip to main content

Dns 315l CVE-2026-4211

| EUVDEUVD-2026-12284 HIGH
Stack-based Buffer Overflow (CWE-121)
2026-03-16 VulDB
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
PoC Detected
Mar 16, 2026 - 14:53 vuln.today
Public exploit code
EUVD ID Assigned
Mar 16, 2026 - 04:00 euvd
EUVD-2026-12284
Analysis Generated
Mar 16, 2026 - 04:00 vuln.today
CVE Published
Mar 16, 2026 - 03:32 nvd
HIGH 8.8

DescriptionCVE.org

A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this issue is the function Local_Backup_Info of the file /cgi-bin/local_backup_mgr.cgi. This manipulation of the argument f_idx causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.

AnalysisAI

Stack-based buffer overflow in D-Link DNS and DNR network storage devices allows authenticated remote attackers to execute arbitrary code by manipulating the f_idx parameter in the local_backup_mgr.cgi endpoint. Public exploit code exists for this vulnerability, which affects multiple device models up to firmware version 20260205 with no patch currently available. An attacker with valid credentials can trigger memory corruption to achieve complete system compromise including code execution, data theft, and service disruption.

Technical ContextAI

This vulnerability (CWE-121: Stack-based Buffer Overflow) occurs in the /cgi-bin/local_backup_mgr.cgi file where improper handling of the 'f_idx' parameter causes memory corruption. The affected products are D-Link's DNS (ShareCenter) and DNR series NAS devices, which are consumer and small business network storage solutions. These devices typically run embedded Linux with web-based management interfaces. The buffer overflow allows attackers to overwrite stack memory, potentially leading to arbitrary code execution with the privileges of the web server process.

RemediationAI

No patch information is currently available in the provided references. Organizations should immediately check D-Link's official support page (https://www.dlink.com/) for firmware updates. As an interim mitigation, restrict network access to the affected devices' management interfaces, ensuring they are not exposed to the internet. Implement strong authentication and limit user accounts with access to the backup management functionality. Monitor for suspicious activity in device logs, particularly around the local_backup_mgr.cgi endpoint.

Share

CVE-2026-4211 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy