CVE-2026-4197
D-Link DNS-1550-04 download_mgr.cgi RSS_Item_List command injection
CVSS Score
6.3
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function RSS_Get_Update_Status/RSS_Update/RSS_Channel_AutoDownlaod/RSS_Add/RSS_Channel_Item_Downlaod/RSS_History_Item_List/RSS_Item_List of the file /cgi-bin/download_mgr.cgi. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
| CWE | CWE-77 CWE-74 |
| Vendor | d-link |
| Product | dns-120 |
| Published | Mar 15, 2026 |
| Last Updated | Mar 16, 2026 |
Stay Ahead of the Next One
Get instant alerts for d-link dns-120
Be the first to know when new medium vulnerabilities affecting d-link dns-120 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
D-Link / DNS-120
20260205
D-Link / DNR-202L
20260205
D-Link / DNS-315L
20260205
D-Link / DNS-320
20260205
D-Link / DNS-320L
20260205
D-Link / DNS-320LW
20260205
D-Link / DNS-321
20260205
D-Link / DNR-322L
20260205
D-Link / DNS-323
20260205
D-Link / DNS-325
20260205
D-Link / DNS-326
20260205
D-Link / DNS-327L
20260205
D-Link / DNR-326
20260205
D-Link / DNS-340L
20260205
D-Link / DNS-343
20260205
D-Link / DNS-345
20260205
D-Link / DNS-726-4
20260205
D-Link / DNS-1100-4
20260205
D-Link / DNS-1200-05
20260205
D-Link / DNS-1550-04
20260205
References
vuldb.com: https://vuldb.com/?id.351109 vuldb.com: https://vuldb.com/?ctiid.351109 vuldb.com: https://vuldb.com/?submit.769864 vuldb.com: https://vuldb.com/?submit.769865 vuldb.com: https://vuldb.com/?submit.769866 vuldb.com: https://vuldb.com/?submit.769867 vuldb.com: https://vuldb.com/?submit.769868 vuldb.com: https://vuldb.com/?submit.769869 vuldb.com: https://vuldb.com/?submit.769870 vuldb.com: https://vuldb.com/?submit.770363 vuldb.com: https://vuldb.com/?submit.770364 github.com: https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_102/102.md github.com: https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_103/103.md dlink.com: https://www.dlink.com/
Credits
๐ pjq123 (VulDB User)