Search criteria
2 vulnerabilities found for dns-322l by dlink
VAR-202604-0419
Vulnerability from variot - Updated: 2026-04-11 00:02A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function Webdav_Access_List of the file /cgi-bin/file_center.cgi. Performing a manipulation of the argument cmd results in improper access controls. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. This vulnerability affects files. The method for exploiting the vulnerability has been made public and could be used to carry out attacks.There is a possibility that some of the information handled by the software may be leaked to the outside. However, the information handled by the software will not be rewritten. Furthermore, the software will not stop
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "dnr-202l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-343",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-322l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dnr-326",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-320lw",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-320",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-1100-4",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-315l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-345",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-326",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-340l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-327l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-120",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-320l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-323",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-1200-05",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-321",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-325",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-1550-04",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-726-4",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-726-4",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-340l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-315l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dnr-326",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-1550-04",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-325",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-343",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-345",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-322l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-323",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-320lw",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-1100-4",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-326",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-327l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-320",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-1200-05",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-320l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dnr-202l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-120",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-321",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010317"
},
{
"db": "NVD",
"id": "CVE-2026-5311"
}
]
},
"cve": "CVE-2026-5311",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "cna@vuldb.com",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2026-5311",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2026-010317",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@vuldb.com",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2026-5311",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2026-010317",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "cna@vuldb.com",
"id": "CVE-2026-5311",
"trust": 1.0,
"value": "Medium"
},
{
"author": "OTHER",
"id": "JVNDB-2026-010317",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010317"
},
{
"db": "NVD",
"id": "CVE-2026-5311"
}
]
},
"description": {
"_id": null,
"data": "A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function Webdav_Access_List of the file /cgi-bin/file_center.cgi. Performing a manipulation of the argument cmd results in improper access controls. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. This vulnerability affects files. The method for exploiting the vulnerability has been made public and could be used to carry out attacks.There is a possibility that some of the information handled by the software may be leaked to the outside. However, the information handled by the software will not be rewritten. Furthermore, the software will not stop",
"sources": [
{
"db": "NVD",
"id": "CVE-2026-5311"
},
{
"db": "JVNDB",
"id": "JVNDB-2026-010317"
}
],
"trust": 1.62
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2026-5311",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2026-010317",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010317"
},
{
"db": "NVD",
"id": "CVE-2026-5311"
}
]
},
"id": "VAR-202604-0419",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6016763333333334
},
"last_update_date": "2026-04-11T00:02:03.907000Z",
"patch": {
"_id": null,
"data": [
{
"title": "//vuldb.com/vuln/354640",
"trust": 0.8,
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_171/171.md"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010317"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-284",
"trust": 1.0
},
{
"problemtype": "CWE-266",
"trust": 1.0
},
{
"problemtype": "Improper permission settings (CWE-266) [ others ]",
"trust": 0.8
},
{
"problemtype": " Inappropriate access control (CWE-284) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010317"
},
{
"db": "NVD",
"id": "CVE-2026-5311"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.8,
"url": "https://www.dlink.com/"
},
{
"trust": 1.0,
"url": "https://vuldb.com/vuln/354640/cti"
},
{
"trust": 1.0,
"url": "https://vuldb.com/vuln/354640"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/d-link8/vuln_171/171.md"
},
{
"trust": 1.0,
"url": "https://vuldb.com/submit/780441"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2026-5311"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010317"
},
{
"db": "NVD",
"id": "CVE-2026-5311"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010317",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2026-5311",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2026-04-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2026-010317",
"ident": null
},
{
"date": "2026-04-01T20:16:29.950000",
"db": "NVD",
"id": "CVE-2026-5311",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2026-04-09T01:41:00",
"db": "JVNDB",
"id": "JVNDB-2026-010317",
"ident": null
},
{
"date": "2026-04-07T15:43:56.293000",
"db": "NVD",
"id": "CVE-2026-5311",
"ident": null
}
]
},
"title": {
"_id": null,
"data": "D-Link\u00a0Corporation of dnr-202l\u00a0 Multiple vulnerabilities in multiple products, including firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010317"
}
],
"trust": 0.8
}
}
VAR-202604-0545
Vulnerability from variot - Updated: 2026-04-11 00:02A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the function FMT_restart/Status_HDInfo/SMART_List/ScanDisk_info/ScanDisk/volume_status/Get_Volume_Mapping/FMT_check_disk_remount_state/FMT_rebuildinfo/FMT_result_list/FMT_result_list_phy/FMT_get_dminfo/FMT_manually_rebuild_info/Get_current_raidtype of the file /cgi-bin/dsk_mgr.cgi. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. D-Link of DNS-120 , DNR-202L , DNS-315L , DNS-320 , DNS-320L , DNS-320LW , DNS-321 , DNR-322L , DNS-323 , DNS-325 , DNS-326 , DNS-327L , DNR-326 , DNS-340L , DNS-343 , DNS-345 , DNS-726-4 , DNS-1100-4 , DNS-1200-05 and DNS-1550-04 (( 2026 Year 2 Moon 5 A vulnerability was identified (up to [date]). Exploits for this vulnerability are publicly available and could be used to attack.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, part of the software may stop functioning. Furthermore, attacks exploiting this vulnerability will not affect other software
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "dnr-202l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-343",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-322l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dnr-326",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-320lw",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-320",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-1100-4",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-315l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-345",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-326",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-340l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-327l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-320l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-323",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-120",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-1200-05",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-321",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-325",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-1550-04",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-726-4",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "2026-02-05"
},
{
"_id": null,
"model": "dns-726-4",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-340l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-315l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dnr-326",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-1550-04",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-325",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-343",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-345",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-322l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-323",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-320lw",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-1100-4",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-326",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-327l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-320",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-1200-05",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "d-link dns-320l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dnr-202l",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-120",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": "dns-321",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010316"
},
{
"db": "NVD",
"id": "CVE-2026-5312"
}
]
},
"cve": "CVE-2026-5312",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "cna@vuldb.com",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2026-5312",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "OTHER",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2026-010316",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@vuldb.com",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2026-5312",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2026-010316",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "cna@vuldb.com",
"id": "CVE-2026-5312",
"trust": 1.0,
"value": "Medium"
},
{
"author": "OTHER",
"id": "JVNDB-2026-010316",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010316"
},
{
"db": "NVD",
"id": "CVE-2026-5312"
}
]
},
"description": {
"_id": null,
"data": "A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the function FMT_restart/Status_HDInfo/SMART_List/ScanDisk_info/ScanDisk/volume_status/Get_Volume_Mapping/FMT_check_disk_remount_state/FMT_rebuildinfo/FMT_result_list/FMT_result_list_phy/FMT_get_dminfo/FMT_manually_rebuild_info/Get_current_raidtype of the file /cgi-bin/dsk_mgr.cgi. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. D-Link of DNS-120 , DNR-202L , DNS-315L , DNS-320 , DNS-320L , DNS-320LW , DNS-321 , DNR-322L , DNS-323 , DNS-325 , DNS-326 , DNS-327L , DNR-326 , DNS-340L , DNS-343 , DNS-345 , DNS-726-4 , DNS-1100-4 , DNS-1200-05 and DNS-1550-04 (( 2026 Year 2 Moon 5 A vulnerability was identified (up to [date]). Exploits for this vulnerability are publicly available and could be used to attack.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, part of the software may stop functioning. Furthermore, attacks exploiting this vulnerability will not affect other software",
"sources": [
{
"db": "NVD",
"id": "CVE-2026-5312"
},
{
"db": "JVNDB",
"id": "JVNDB-2026-010316"
}
],
"trust": 1.62
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2026-5312",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2026-010316",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010316"
},
{
"db": "NVD",
"id": "CVE-2026-5312"
}
]
},
"id": "VAR-202604-0545",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6016763333333334
},
"last_update_date": "2026-04-11T00:02:03.860000Z",
"patch": {
"_id": null,
"data": [
{
"title": "https",
"trust": 0.8,
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_172/172.md"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010316"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-284",
"trust": 1.0
},
{
"problemtype": "CWE-266",
"trust": 1.0
},
{
"problemtype": "Improper permission settings (CWE-266) [ others ]",
"trust": 0.8
},
{
"problemtype": " Inappropriate access control (CWE-284) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010316"
},
{
"db": "NVD",
"id": "CVE-2026-5312"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.8,
"url": "https://www.dlink.com/"
},
{
"trust": 1.0,
"url": "https://vuldb.com/submit/780442"
},
{
"trust": 1.0,
"url": "https://vuldb.com/vuln/354641"
},
{
"trust": 1.0,
"url": "https://vuldb.com/submit/780443"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/d-link8/vuln_172/172.md"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/d-link8/vuln_173/173.md"
},
{
"trust": 1.0,
"url": "https://vuldb.com/vuln/354641/cti"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2026-5312"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010316"
},
{
"db": "NVD",
"id": "CVE-2026-5312"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010316",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2026-5312",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2026-04-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2026-010316",
"ident": null
},
{
"date": "2026-04-01T21:17:03.613000",
"db": "NVD",
"id": "CVE-2026-5312",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2026-04-09T01:41:00",
"db": "JVNDB",
"id": "JVNDB-2026-010316",
"ident": null
},
{
"date": "2026-04-07T15:42:59.280000",
"db": "NVD",
"id": "CVE-2026-5312",
"ident": null
}
]
},
"title": {
"_id": null,
"data": "D-Link\u00a0Corporation of dnr-202l\u00a0 Multiple vulnerabilities in multiple products, including firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2026-010316"
}
],
"trust": 0.8
}
}