VYPR
Medium severity6.3NVD Advisory· Published Mar 16, 2026· Updated Apr 29, 2026

CVE-2026-4206

CVE-2026-4206

Description

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function FMT_rebuild_diskmgr/FMT_create_diskmgr/ScanDisk_run_e2fsck of the file /cgi-bin/dsk_mgr.cgi. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

21
  • cpe:2.3:o:dlink:dnr-202l_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dnr-326_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-1100-4_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-1200-05_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:dlink:dns-1200-05_firmware:*:*:*:*:*:*:*:*range: <=2026-02-05
    • cpe:2.3:o:dlink:dns-120_firmware:*:*:*:*:*:*:*:*range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-1550-04_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-315l_firmware:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:dlink:dns-315l_firmware:*:*:*:*:*:*:*:*range: <=2026-02-05
    • cpe:2.3:o:dlink:dns-320l_firmware:*:*:*:*:*:*:*:*range: <=2026-02-05
    • cpe:2.3:o:dlink:dns-325_firmware:*:*:*:*:*:*:*:*range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-320_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-320lw_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-321_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-322l_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-323_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:dlink:dns-323_firmware:*:*:*:*:*:*:*:*range: <=2026-02-05
    • cpe:2.3:o:dlink:dns-327l_firmware:*:*:*:*:*:*:*:*range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-326_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-340l_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-343_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-345_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • cpe:2.3:o:dlink:dns-726-4_firmware:*:*:*:*:*:*:*:*
    Range: <=2026-02-05
  • Dlink/DNS-120llm-fuzzy
    Range: <=20260205

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.