ID
VAR-202603-5527
CVE
CVE-2026-5215
TITLE
D-Link Corporation of dnr-202l Multiple vulnerabilities in multiple products, including firmware
Trust: 0.8
DESCRIPTION
A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_get_ipv6 of the file /cgi-bin/network_mgr.cgi. Such manipulation leads to improper access controls. The exploit is publicly available and might be used. D-Link of DNS-120 , DNR-202L , DNS-315L , DNS-320 , DNS-320L , DNS-320LW , DNS-321 , DNR-322L , DNS-323 , DNS-325 , DNS-326 , DNS-327L , DNR-326 , DNS-340L , DNS-343 , DNS-345 , DNS-726-4 , DNS-1100-4 , DNS-1200-05 ,and DNS-1550-04 (( 2026 Year 2 Moon 5 A vulnerability has been found in the version up to [date]. However, the information handled by the software will not be rewritten. Furthermore, the software will not stop. Furthermore, attacks that exploit this vulnerability will not affect other software
Trust: 1.62
AFFECTED PRODUCTS
| vendor: | dlink | model: | dns-321 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-345 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-326 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-320lw | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-1550-04 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-320 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-325 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-726-4 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-1200-05 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-343 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-327l | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dnr-326 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-340l | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-322l | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-1100-4 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dnr-202l | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-315l | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-120 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-320l | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | dlink | model: | dns-323 | scope: | lte | version: | 2026-02-05 | Trust: 1.0 |
| vendor: | d link | model: | d-link dns-320l | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | d-link dns-327l | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-315l | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-321 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | d-link dns-322l | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | d-link dns-325 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-343 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-1200-05 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-323 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-1100-4 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-340l | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | d-link dns-320 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | d-link dns-320lw | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-326 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-1550-04 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-120 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | d-link dnr-326 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dnr-202l | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dns-726-4 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | d-link dns-345 | scope: | - | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-266 | Trust: 1.0 |
| problemtype: | CWE-284 | Trust: 1.0 |
| problemtype: | Improper permission settings (CWE-266) [ others ] | Trust: 0.8 |
| problemtype: | Inappropriate access control (CWE-284) [ others ] | Trust: 0.8 |
PATCH
| title: | //vuldb.com/vuln/354351 | url: | https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_170/170.md | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2026-5215 | Trust: 2.6 |
| db: | JVNDB | id: | JVNDB-2026-009892 | Trust: 0.8 |
REFERENCES
| url: | https://www.dlink.com/ | Trust: 1.8 |
| url: | https://vuldb.com/vuln/354351/cti | Trust: 1.0 |
| url: | https://vuldb.com/vuln/354351 | Trust: 1.0 |
| url: | https://github.com/wudipjq/my_vuln/blob/main/d-link8/vuln_170/170.md | Trust: 1.0 |
| url: | https://vuldb.com/submit/780440 | Trust: 1.0 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2026-5215 | Trust: 0.8 |
SOURCES
| db: | JVNDB | id: | JVNDB-2026-009892 |
| db: | NVD | id: | CVE-2026-5215 |
LAST UPDATE DATE
2026-04-07T23:31:44.811000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2026-009892 | date: | 2026-04-06T02:55:00 |
| db: | NVD | id: | CVE-2026-5215 | date: | 2026-04-02T17:16:25.423 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2026-009892 | date: | 2026-04-06T00:00:00 |
| db: | NVD | id: | CVE-2026-5215 | date: | 2026-03-31T22:16:22.820 |