9
CVE-2026-5214
- EPSS 0.05%
- Veröffentlicht 31.03.2026 21:15:14
- Zuletzt bearbeitet 02.04.2026 17:16:00
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
D-Link DNS-1550-04 account_mgr.cgi cgi_addgroup_get_group_quota_minsize stack-based overflow
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function cgi_addgroup_get_group_quota_minsize of the file /cgi-bin/account_mgr.cgi. The manipulation of the argument Name results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dlink ≫ Dnr-202l Firmware Version <= 2026-02-05
Dlink ≫ Dnr-326 Firmware Version <= 2026-02-05
Dlink ≫ Dns-1100-4 Firmware Version <= 2026-02-05
Dlink ≫ Dns-120 Firmware Version <= 2026-02-05
Dlink ≫ Dns-1200-05 Firmware Version <= 2026-02-05
Dlink ≫ Dns-1550-04 Firmware Version <= 2026-02-05
Dlink ≫ Dns-315l Firmware Version <= 2026-02-05
Dlink ≫ Dns-320 Firmware Version <= 2026-02-05
Dlink ≫ Dns-320l Firmware Version <= 2026-02-05
Dlink ≫ Dns-320lw Firmware Version <= 2026-02-05
Dlink ≫ Dns-321 Firmware Version <= 2026-02-05
Dlink ≫ Dns-322l Firmware Version <= 2026-02-05
Dlink ≫ Dns-323 Firmware Version <= 2026-02-05
Dlink ≫ Dns-325 Firmware Version <= 2026-02-05
Dlink ≫ Dns-326 Firmware Version <= 2026-02-05
Dlink ≫ Dns-327l Firmware Version <= 2026-02-05
Dlink ≫ Dns-340l Firmware Version <= 2026-02-05
Dlink ≫ Dns-343 Firmware Version <= 2026-02-05
Dlink ≫ Dns-345 Firmware Version <= 2026-02-05
Dlink ≫ Dns-726-4 Firmware Version <= 2026-02-05
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.163 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cna@vuldb.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| cna@vuldb.com | 7.4 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| cna@vuldb.com | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-121 Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.