Description
A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function cgi_device/cgi_sms_test/cgi_firmware_upload/cgi_ntp_time of the file /cgi-bin/system_mgr.cgi. Executing a manipulation can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
Published: 2026-03-16
Score: 5.3 Medium
EPSS: 3.8% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows an attacker to execute arbitrary shell commands by manipulating the cgi_ntp_time function within the /cgi-bin/system_mgr.cgi script on affected D‑Link devices. This flaw results from improper input validation (CWE‑74) and the absence of appropriate command delimiters (CWE‑77). Successful exploitation gives the attacker full control over the router, enabling compromise of network confidentiality, integrity, and availability.

Affected Systems

A range of D‑Link routers is impacted, including the DNR‑202L, DNR‑326, DNR‑322L, DNS‑1100‑4, DNS‑120, DNS‑1200‑05, DNS‑1550‑04, DNS‑315L, DNS‑320, DNS‑320L, DNS‑320LW, DNS‑321, DNS‑323, DNS‑325, DNS‑326, DNS‑327L, DNS‑340L, DNS‑343, DNS‑345, DNS‑726‑4 and the DNS‑1200‑05. Any firmware released on or before build 20260205 may contain the flaw.

Risk and Exploitability

The CVSS base score of 5.3 indicates medium severity, and the EPSS score of 4% shows a moderate likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that a remote attacker could exploit this weakness without authentication, although the CVE text does not explicitly confirm credential requirements. Publicly available exploit code means unpatched devices are likely vulnerable.

Generated by OpenCVE AI on June 18, 2026 at 13:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the device firmware to the latest release from D‑Link that removes the vulnerable cgi_ntp_time function or adds proper input validation.
  • If a patch is not yet available, block or restrict remote access to /cgi-bin/system_mgr.cgi by configuring the router’s ACLs or an external firewall to allow only trusted IP ranges.
  • Place vulnerable routers on a separate network segment and enable detailed logging of CGI requests to detect suspicious command‑execution attempts.

Generated by OpenCVE AI on June 18, 2026 at 13:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 19 Mar 2026 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dnr-202l
Dlink dnr-202l Firmware
Dlink dnr-326
Dlink dnr-326 Firmware
Dlink dns-1100-4
Dlink dns-1100-4 Firmware
Dlink dns-120
Dlink dns-1200-05
Dlink dns-1200-05 Firmware
Dlink dns-120 Firmware
Dlink dns-1550-04
Dlink dns-1550-04 Firmware
Dlink dns-315l
Dlink dns-315l Firmware
Dlink dns-320
Dlink dns-320 Firmware
Dlink dns-320l
Dlink dns-320l Firmware
Dlink dns-320lw
Dlink dns-320lw Firmware
Dlink dns-321
Dlink dns-321 Firmware
Dlink dns-322l
Dlink dns-322l Firmware
Dlink dns-323
Dlink dns-323 Firmware
Dlink dns-325
Dlink dns-325 Firmware
Dlink dns-326
Dlink dns-326 Firmware
Dlink dns-327l
Dlink dns-327l Firmware
Dlink dns-340l
Dlink dns-340l Firmware
Dlink dns-343
Dlink dns-343 Firmware
Dlink dns-345
Dlink dns-345 Firmware
Dlink dns-726-4
Dlink dns-726-4 Firmware
CPEs cpe:2.3:h:dlink:dnr-202l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-1100-4:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-1200-05:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-120:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-1550-04:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-315l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-320:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-320l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-321:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-322l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-323:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-325:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-326:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-327l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-340l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-343:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-345:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-726-4:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dnr-202l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dnr-326_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-1100-4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-1200-05_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-120_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-1550-04_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-315l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-320l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-320lw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-321_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-322l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-323_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-325_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-326_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-327l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-340l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-343_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-345_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-726-4_firmware:*:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dnr-202l
Dlink dnr-202l Firmware
Dlink dnr-326
Dlink dnr-326 Firmware
Dlink dns-1100-4
Dlink dns-1100-4 Firmware
Dlink dns-120
Dlink dns-1200-05
Dlink dns-1200-05 Firmware
Dlink dns-120 Firmware
Dlink dns-1550-04
Dlink dns-1550-04 Firmware
Dlink dns-315l
Dlink dns-315l Firmware
Dlink dns-320
Dlink dns-320 Firmware
Dlink dns-320l
Dlink dns-320l Firmware
Dlink dns-320lw
Dlink dns-320lw Firmware
Dlink dns-321
Dlink dns-321 Firmware
Dlink dns-322l
Dlink dns-322l Firmware
Dlink dns-323
Dlink dns-323 Firmware
Dlink dns-325
Dlink dns-325 Firmware
Dlink dns-326
Dlink dns-326 Firmware
Dlink dns-327l
Dlink dns-327l Firmware
Dlink dns-340l
Dlink dns-340l Firmware
Dlink dns-343
Dlink dns-343 Firmware
Dlink dns-345
Dlink dns-345 Firmware
Dlink dns-726-4
Dlink dns-726-4 Firmware

Mon, 16 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 16 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link dnr-202l
D-link dnr-322l
D-link dnr-326
D-link dns-1100-4
D-link dns-120
D-link dns-1200-05
D-link dns-1550-04
D-link dns-315l
D-link dns-320
D-link dns-320l
D-link dns-320lw
D-link dns-321
D-link dns-323
D-link dns-325
D-link dns-326
D-link dns-327l
D-link dns-340l
D-link dns-343
D-link dns-345
D-link dns-726-4
Vendors & Products D-link
D-link dnr-202l
D-link dnr-322l
D-link dnr-326
D-link dns-1100-4
D-link dns-120
D-link dns-1200-05
D-link dns-1550-04
D-link dns-315l
D-link dns-320
D-link dns-320l
D-link dns-320lw
D-link dns-321
D-link dns-323
D-link dns-325
D-link dns-326
D-link dns-327l
D-link dns-340l
D-link dns-343
D-link dns-345
D-link dns-726-4

Mon, 16 Mar 2026 03:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function cgi_device/cgi_sms_test/cgi_firmware_upload/cgi_ntp_time of the file /cgi-bin/system_mgr.cgi. Executing a manipulation can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
Title D-Link DNS-1550-04 system_mgr.cgi cgi_ntp_time command injection
Weaknesses CWE-74
CWE-77
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


Subscriptions

D-link Dnr-202l Dnr-322l Dnr-326 Dns-1100-4 Dns-120 Dns-1200-05 Dns-1550-04 Dns-315l Dns-320 Dns-320l Dns-320lw Dns-321 Dns-323 Dns-325 Dns-326 Dns-327l Dns-340l Dns-343 Dns-345 Dns-726-4
Dlink Dnr-202l Dnr-202l Firmware Dnr-326 Dnr-326 Firmware Dns-1100-4 Dns-1100-4 Firmware Dns-120 Dns-1200-05 Dns-1200-05 Firmware Dns-120 Firmware Dns-1550-04 Dns-1550-04 Firmware Dns-315l Dns-315l Firmware Dns-320 Dns-320 Firmware Dns-320l Dns-320l Firmware Dns-320lw Dns-320lw Firmware Dns-321 Dns-321 Firmware Dns-322l Dns-322l Firmware Dns-323 Dns-323 Firmware Dns-325 Dns-325 Firmware Dns-326 Dns-326 Firmware Dns-327l Dns-327l Firmware Dns-340l Dns-340l Firmware Dns-343 Dns-343 Firmware Dns-345 Dns-345 Firmware Dns-726-4 Dns-726-4 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-16T14:40:37.095Z

Reserved: 2026-03-15T11:51:15.813Z

Link: CVE-2026-4207

cve-icon Vulnrichment

Updated: 2026-03-16T14:37:06.093Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-16T14:20:06.497

Modified: 2026-06-17T10:56:11.617

Link: CVE-2026-4207

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T13:45:05Z

Weaknesses
  • CWE-74

    Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

  • CWE-77

    Improper Neutralization of Special Elements used in a Command ('Command Injection')