What is the CVSS score of CVE-2026-4214?

CVE-2026-4214 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Dnr 202l are affected by CVE-2026-4214?

D-Link NAS devices across our infrastructure face a critical remote code execution vulnerability with active exploitation already occurring in the wild.

Is there a public PoC exploit available for CVE-2026-4214?

Yes, a public proof-of-concept exploit is available for CVE-2026-4214. Prioritise patching immediately. EPSS: 0.0%.

Dnr 202l CVE-2026-4214

EUVD-2026-12329 HIGH

Stack-based Buffer Overflow (CWE-121)

2026-03-16 VulDB

Buffer Overflow D-Link Stack Overflow Dnr 202l Dnr 322l Dnr 326 Dns 1100 4 Dns 120 Dns 1200 05 Dns 1550 04 Dns 315l Dns 320 Dns 320l Dns 320lw Dns 321 Dns 323 Dns 325 Dns 326 Dns 327l Dns 340l Dns 343 Dns 345 Dns 726 4

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

PoC Detected

Mar 16, 2026 - 14:53 vuln.today

Public exploit code

EUVD ID Assigned

Mar 16, 2026 - 05:00 euvd

EUVD-2026-12329

Analysis Generated

Mar 16, 2026 - 05:00 vuln.today

CVE Published

Mar 16, 2026 - 04:32 nvd

HIGH 8.8

DescriptionNVD

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function UPnP_AV_Server_Path_Setting of the file /cgi-bin/app_mgr.cgi. Executing a manipulation can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.

AnalysisAI

Stack-based buffer overflow in D-Link NAS devices (DNS-120, DNR-202L, DNS-315L, DNS-320 series, DNS-326, DNS-1100-4, and others) through the UPnP_AV_Server_Path_Setting function in /cgi-bin/app_mgr.cgi allows authenticated remote attackers to achieve complete system compromise with high integrity, confidentiality, and availability impact. Public exploit code exists for this vulnerability, and no patch is currently available.

RemediationAI

Within 24 hours: Inventory all D-Link DNS/DNR series devices and identify firmware versions up to 20260205; disable remote access to affected devices if business-critical alternatives exist. Within 7 days: Implement network segmentation to restrict NAS access to authorized personnel only, enable enhanced logging/monitoring on all identified devices, and establish a vendor communication protocol to track D-Link patch timelines. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory