Description
A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_get_ipv6 of the file /cgi-bin/network_mgr.cgi. Such manipulation leads to improper access controls. The exploit is publicly available and might be used.
Published: 2026-03-31
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Patch Now
AI Analysis

Impact

A vulnerability in the network manager CGI module allows attackers to retrieve IPv6 configuration information without proper authorization because the cgi_get_ipv6 function implements insecure permissions (CWE‑266) and improper authorization controls (CWE‑284). As a result, unauthenticated users can read sensitive network details, enabling an attacker to gain visibility into the device’s network setup and potentially use that information for further reconnaissance. The flaw does not provide direct code execution but exposes confidential configuration data that could aid in a targeted attack against the connected network.

Affected Systems

The flaw affects multiple D‑Link router models, including the DNS‑120, DNS‑1550‑04, DNS‑315L, DNS‑320, DNS‑320L, DNS‑320LW, DNS‑321, DNS‑323, DNS‑325, DNS‑326, DNS‑327L, DNS‑340L, DNS‑343, DNS‑345, DNS‑726‑4, DNS‑1100‑4, DNS‑1200‑05, and other R‑Series firmware up to the 20260205 release. Any device running those firmware versions is vulnerable until a newer release resolves the improper access control.

Risk and Exploitability

With a CVSS score of 5.3 and an EPSS rate below 1%, the overall risk is moderate, and the likelihood of exploitation is low, although the vulnerability is publicly available. The attack vector is likely remote, performed over the device’s HTTP interface targeting the /cgi‑bin/network_mgr.cgi endpoint, and does not require authentication due to the missing permissions checks. No CISA KEV listing indicates that it has not yet been widely exploited, but defenders should assume the possibility and secure the affected interfaces.

Generated by OpenCVE AI on April 2, 2026 at 23:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to firmware versions released after 20260205 that fix the network_mgr.cgi access control issue.
  • If a patch is not yet available, restrict HTTP access to the /cgi‑bin/network_mgr.cgi endpoint or block the device from the internal network to prevent unauthenticated queries.
  • Monitor D‑Link advisories for a formal patch or security bulletin and apply it as soon as it is released.

Generated by OpenCVE AI on April 2, 2026 at 23:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link dnr-202l
D-link dnr-322l
D-link dnr-326
D-link dns-1100-4
D-link dns-120
D-link dns-1200-05
D-link dns-1550-04
D-link dns-315l
D-link dns-320
D-link dns-320l
D-link dns-320lw
D-link dns-321
D-link dns-323
D-link dns-325
D-link dns-326
D-link dns-327l
D-link dns-340l
D-link dns-343
D-link dns-345
D-link dns-726-4
Dlink
Dlink dnr-202l
Dlink dnr-202l Firmware
Dlink dnr-326
Dlink dnr-326 Firmware
Dlink dns-1100-4
Dlink dns-1100-4 Firmware
Dlink dns-120
Dlink dns-1200-05
Dlink dns-1200-05 Firmware
Dlink dns-120 Firmware
Dlink dns-1550-04
Dlink dns-1550-04 Firmware
Dlink dns-315l
Dlink dns-315l Firmware
Dlink dns-320
Dlink dns-320 Firmware
Dlink dns-320l
Dlink dns-320l Firmware
Dlink dns-320lw
Dlink dns-320lw Firmware
Dlink dns-321
Dlink dns-321 Firmware
Dlink dns-322l
Dlink dns-322l Firmware
Dlink dns-323
Dlink dns-323 Firmware
Dlink dns-325
Dlink dns-325 Firmware
Dlink dns-326
Dlink dns-326 Firmware
Dlink dns-327l
Dlink dns-327l Firmware
Dlink dns-340l
Dlink dns-340l Firmware
Dlink dns-343
Dlink dns-343 Firmware
Dlink dns-345
Dlink dns-345 Firmware
Dlink dns-726-4
Dlink dns-726-4 Firmware
CPEs cpe:2.3:h:dlink:dnr-202l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-1100-4:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-1200-05:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-120:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-1550-04:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-315l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-320:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-320l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-321:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-322l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-323:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-325:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-326:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-327l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-340l:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-343:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-345:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dns-726-4:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dnr-202l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dnr-326_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-1100-4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-1200-05_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-120_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-1550-04_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-315l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-320l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-320lw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-321_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-322l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-323_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-325_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-326_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-327l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-340l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-343_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-345_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dns-726-4_firmware:*:*:*:*:*:*:*:*
Vendors & Products D-link
D-link dnr-202l
D-link dnr-322l
D-link dnr-326
D-link dns-1100-4
D-link dns-120
D-link dns-1200-05
D-link dns-1550-04
D-link dns-315l
D-link dns-320
D-link dns-320l
D-link dns-320lw
D-link dns-321
D-link dns-323
D-link dns-325
D-link dns-326
D-link dns-327l
D-link dns-340l
D-link dns-343
D-link dns-345
D-link dns-726-4
Dlink
Dlink dnr-202l
Dlink dnr-202l Firmware
Dlink dnr-326
Dlink dnr-326 Firmware
Dlink dns-1100-4
Dlink dns-1100-4 Firmware
Dlink dns-120
Dlink dns-1200-05
Dlink dns-1200-05 Firmware
Dlink dns-120 Firmware
Dlink dns-1550-04
Dlink dns-1550-04 Firmware
Dlink dns-315l
Dlink dns-315l Firmware
Dlink dns-320
Dlink dns-320 Firmware
Dlink dns-320l
Dlink dns-320l Firmware
Dlink dns-320lw
Dlink dns-320lw Firmware
Dlink dns-321
Dlink dns-321 Firmware
Dlink dns-322l
Dlink dns-322l Firmware
Dlink dns-323
Dlink dns-323 Firmware
Dlink dns-325
Dlink dns-325 Firmware
Dlink dns-326
Dlink dns-326 Firmware
Dlink dns-327l
Dlink dns-327l Firmware
Dlink dns-340l
Dlink dns-340l Firmware
Dlink dns-343
Dlink dns-343 Firmware
Dlink dns-345
Dlink dns-345 Firmware
Dlink dns-726-4
Dlink dns-726-4 Firmware

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_get_ipv6 of the file /cgi-bin/network_mgr.cgi. Such manipulation leads to improper access controls. The exploit is publicly available and might be used.
Title D-Link DNS-1550-04 network_mgr.cgi cgi_get_ipv6 access control
Weaknesses CWE-266
CWE-284
References
Metrics cvssV2_0

{'score': 3.3, 'vector': 'AV:A/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 4.3, 'vector': 'CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P'}

Subscriptions

D-link Dnr-202l Dnr-322l Dnr-326 Dns-1100-4 Dns-120 Dns-1200-05 Dns-1550-04 Dns-315l Dns-320 Dns-320l Dns-320lw Dns-321 Dns-323 Dns-325 Dns-326 Dns-327l Dns-340l Dns-343 Dns-345 Dns-726-4
Dlink Dnr-202l Dnr-202l Firmware Dnr-326 Dnr-326 Firmware Dns-1100-4 Dns-1100-4 Firmware Dns-120 Dns-1200-05 Dns-1200-05 Firmware Dns-120 Firmware Dns-1550-04 Dns-1550-04 Firmware Dns-315l Dns-315l Firmware Dns-320 Dns-320 Firmware Dns-320l Dns-320l Firmware Dns-320lw Dns-320lw Firmware Dns-321 Dns-321 Firmware Dns-322l Dns-322l Firmware Dns-323 Dns-323 Firmware Dns-325 Dns-325 Firmware Dns-326 Dns-326 Firmware Dns-327l Dns-327l Firmware Dns-340l Dns-340l Firmware Dns-343 Dns-343 Firmware Dns-345 Dns-345 Firmware Dns-726-4 Dns-726-4 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-01T18:46:26.685Z

Reserved: 2026-03-31T10:29:41.841Z

Link: CVE-2026-5215

cve-icon Vulnrichment

Updated: 2026-04-01T18:46:22.319Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-31T22:16:22.820

Modified: 2026-04-02T17:16:25.423

Link: CVE-2026-5215

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-03T09:19:19Z

Weaknesses