Analysis
Impact
This vulnerability is a stack‑based buffer overflow in the UPnP_AV_Server_Path_Setting function of the /cgi-bin/app_mgr.cgi script on D‑Link routers. When a specially crafted request is sent, it can overwrite the stack, potentially allowing an attacker to execute arbitrary code with the privileges of the web server. The vulnerability is directly tied to CWEs 119, 121, and 787 and was found in firmware up to 20260205. An exploit has been published, indicating that attackers could gain remote control over the affected devices.
Affected Systems
Affected products are listed in the CNA vendor list and include a wide range of D‑Link DNS and DNR models such as DNS‑1550‑04, DNS‑1200‑05, DNS‑320, DNS‑323, and others. Firmware versions through 20260205 are vulnerable; newer releases are not mentioned as impacted. No specific sub‑model or build numbers are provided beyond the firmware cutoff date.
Risk and Exploitability
The CVSS score of 8.7 reflects a high severity with high impact and availability of a remote exploitation path, while the EPSS score of less than 1% indicates a low probability of current exploitation in the wild. It is not listed in the CISA KEV catalog. Based on the description, the attack vector is remote via manipulation of the UPnP functionality and could be executed by an unauthenticated attacker over the network. Administrators should treat this as a critical risk until patched, given the potential for full device compromise.
Mitre Data 
CPE Configurations 
Affected Packages
OpenCVE Enrichment 
Vulnrichment