Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function UPnP_AV_Server_Path_Setting of the file /cgi-bin/app_mgr.cgi. Executing a manipulation can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.
AnalysisAI
Stack-based buffer overflow in D-Link NAS devices (DNS-120, DNR-202L, DNS-315L, DNS-320 series, DNS-326, DNS-1100-4, and others) through the UPnP_AV_Server_Path_Setting function in /cgi-bin/app_mgr.cgi allows authenticated remote attackers to achieve complete system compromise with high integrity, confidentiality, and availability impact. Public exploit code exists for this vulnerability, and no patch is currently available.
Technical ContextAI
This vulnerability (CWE-121: Stack-based Buffer Overflow) occurs in the /cgi-bin/app_mgr.cgi file's UPnP_AV_Server_Path_Setting function across D-Link's DNS (ShareCenter) and DNR series NAS devices. The affected CPE entries confirm impact across models DNS-120, DNS-315L, DNS-320 series (including L/LW variants), DNS-321, DNS-323, DNS-325, DNS-326, DNS-327L, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, DNS-1550-04, DNR-202L, DNR-322L, and DNR-326. These are consumer and small business network storage appliances that provide UPnP media server functionality.
RemediationAI
No patch information is currently available in the provided references. The vendor website (https://www.dlink.com/) should be monitored for security advisories. As immediate mitigation: 1) Disable UPnP functionality if not required, 2) Restrict network access to the management interface, 3) Implement network segmentation to isolate NAS devices, 4) Monitor for suspicious activity on the affected /cgi-bin/app_mgr.cgi endpoint. Given the age and variety of affected models, some may be end-of-life without patch support.
Stack-based buffer overflow in D-Link DNS storage appliances (DNS-120, DNS-340L, DNS-1200-05 and others) through the /cg
Stack-based buffer overflow in D-Link DNS NAS devices (DNS-120 through DNS-1550-04) allows authenticated attackers to ac
Stack-based buffer overflow in D-Link DNS and DNR network storage devices allows authenticated remote attackers to execu
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-12329