CVE-2026-4197
2.1
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Source: CNA (Secondary)
Description
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected are the functions RSS_Get_Update_Status/RSS_Update/RSS_Channel_AutoDownlaod/RSS_Add/RSS_Channel_Item_Downlaod/RSS_History_Item_List/RSS_Item_List of the file /cgi-bin/download_mgr.cgi. The manipulation results in command injection. The attack can be performed remotely. The exploit has been made public and could be used.
Affected (20)
Products: Dlink: Dnr 202l Firmware, Dnr 326 Firmware, Dns 1100 4 Firmware, Dns 120 Firmware, Dns 1200 05 Firmware, Dns 1550 04 Firmware, Dns 315l Firmware, Dns 320 Firmware, Dns 320l Firmware, Dns 320lw Firmware, Dns 321 Firmware, Dns 322l Firmware, Dns 323 Firmware, Dns 325 Firmware, Dns 326 Firmware, Dns 327l Firmware, Dns 340l Firmware, Dns 343 Firmware, Dns 345 Firmware, Dns 726 4 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dnr 202l | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dnr 326 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 1100 4 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 120 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 1200 05 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 1550 04 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 315l | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 320 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 320l | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 320lw | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 321 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 322l | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 323 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 325 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 326 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 327l | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 340l | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 343 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 345 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| | Up to 2026-02-05 |

| Running on/with | Platform Versions |
|---|---|
| Dlink Dns 726 4 | All versions |
Related CWEs
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
References (14)
Source: cna@vuldb.com
Exploit, Third Party Advisory
Source: cna@vuldb.com
Exploit, Third Party Advisory