Skip to main content

Dns 1550 04 CVE-2026-4212

| EUVDEUVD-2026-12286 HIGH
Stack-based Buffer Overflow (CWE-121)
2026-03-16 VulDB
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
PoC Detected
Mar 16, 2026 - 14:53 vuln.today
Public exploit code
EUVD ID Assigned
Mar 16, 2026 - 04:00 euvd
EUVD-2026-12286
Analysis Generated
Mar 16, 2026 - 04:00 vuln.today
CVE Published
Mar 16, 2026 - 03:32 nvd
HIGH 8.8

DescriptionCVE.org

A security vulnerability has been detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function Downloads_Schedule_Info of the file /cgi-bin/download_mgr.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

AnalysisAI

Stack-based buffer overflow in D-Link DNS NAS devices (DNS-120 through DNS-1550-04) allows authenticated attackers to achieve remote code execution via the Downloads_Schedule_Info function in /cgi-bin/download_mgr.cgi. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but can be executed over the network with high impact on confidentiality, integrity, and availability.

Technical ContextAI

This vulnerability affects a wide range of D-Link DNS (D-Link Network Storage) and DNR (D-Link Network Recorder) devices, including models DNS-120 through DNS-1550-04. The flaw is a classic stack-based buffer overflow (CWE-121) in the download manager CGI script. When processing user-supplied input in the Downloads_Schedule_Info function, the application fails to properly validate buffer boundaries, allowing an attacker to overwrite stack memory. This can lead to arbitrary code execution with the privileges of the web server process. All affected devices running firmware versions up to 20260205 are vulnerable.

RemediationAI

No specific patch information is available in the provided references. The vendor link (https://www.dlink.com/) should be monitored for security advisories. Immediate mitigation steps include: (1) Restrict network access to the management interface using firewall rules; (2) Disable remote management features if not required; (3) Place affected devices behind a VPN or restrict access to trusted IP addresses only; (4) Monitor devices for suspicious activity in download manager logs. Contact D-Link support for firmware update availability beyond version 20260205.

Share

CVE-2026-4212 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy