CVE-2026-4529 - Vulnerability Details

- D-Link DHP-1320 SOAP redirect_count_down_page stack-based overflow

Description

A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.

Published: 2026-03-21

Score: 8.7 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A stack-based buffer overflow exists in the redirect_count_down_page function of the SOAP Handler on the D-Link DHP-1320 router. Sending a specially crafted SOAP request can trigger the overflow, potentially allowing the attacker to execute arbitrary code or cause a denial‑of‑service. The flaw is a classic buffer overflow (CWE‑119/121) that compromises the device’s confidentiality and integrity.

Affected Systems

This exploit targets the D-Link DHP-1320 running firmware version 1.00WWB04 or earlier, a product no longer supported by the manufacturer. No other D-Link devices are affected by this specific vulnerability.

Risk and Exploitability

The CVSS score of 8.7 indicates a high severity risk, meaning the flaw could give attackers substantial control over the device. Although EPSS data is not available, the publicly available exploit shows that remote attackers can send crafted SOAP requests to trigger the overflow. The vulnerability is not listed in the CISA KEV catalog, but its combination of high severity and remote exploitability makes it a priority for remediation.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

D-Link

DHP-1320

affected

Version	Status	Constraints
`1.00WWB04`	affected	—

No data.

Vendor Product Confidence Versions

D-link

Dhp-1320

100%

Version	Status	Scheme	Platform
`1.00WWB04`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest firmware update that addresses the SOAP redirect_count_down_page overflow if one is available.
If no firmware update exists, replace the DHP-1320 router with a supported model that does not expose the vulnerable SOAP interface.
Limit external SOAP traffic by configuring firewall rules to allow connections only from trusted IP addresses.
Disable or restrict the SOAP service through the router’s configuration if the feature is not required.
Monitor network traffic for anomalous SOAP requests and investigate any suspicious activity.

Generated by OpenCVE AI on March 22, 2026 at 00:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00057.

Exploitation poc

Automatable no

Technical Impact total

References

Link	Providers
https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dhp1320-dlink
https://vuldb.com/?ctiid.352317
https://vuldb.com/?id.352317
https://vuldb.com/?submit.773932
https://www.dlink.com/

History

Mon, 23 Mar 2026 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 23 Mar 2026 10:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		D-link D-link dhp-1320
Vendors & Products		D-link D-link dhp-1320

Sat, 21 Mar 2026 23:15:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.
Title		D-Link DHP-1320 SOAP redirect_count_down_page stack-based overflow
Weaknesses		CWE-119 CWE-121
References		https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dhp1320-dlink https://vuldb.com/?ctiid.352317 https://vuldb.com/?id.352317 https://vuldb.com/?submit.773932 https://www.dlink.com/
Metrics		cvssV2_0 `{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

D-link Dhp-1320

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-03-21T23:02:14.289Z

Updated: 2026-03-23T16:33:38.375Z

Reserved: 2026-03-21T07:42:09.435Z

Link: CVE-2026-4529

Vulnrichment

Updated: 2026-03-23T16:33:33.495Z

NVD

Status : Awaiting Analysis

Published: 2026-03-21T23:16:51.577

Modified: 2026-03-23T14:31:37.267

Link: CVE-2026-4529

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T14:46:57Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation poc

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object