21 matches found
D-Link NAS - Command Injection via Group Parameter
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument group leads to os command injection. i...
CVE-2026-5312
A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the...
CVE-2026-5212
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...
CVE-2026-5312
A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the...
CVE-2026-5211
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function...
CVE-2026-5212
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...
CVE-2026-4206
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function...
D-Link多款产品 安全漏洞
D-Link DNS-320, etc., are products of D-Link Corporation from China. The D-Link DNS-320 is a NAS Network Attached Storage device. The D-Link DNS-325 is also a NAS device. The D-Link DNS-120 is a network storage adapter. Several D-Link products have security vulnerabilities; these vulnerabilities...
D-Link多款产品 安全漏洞
D-Link DNS-320, etc., are products of D-Link Corporation from China. The D-Link DNS-320 is a NAS Network Attached Storage device. The D-Link DNS-325 is also a NAS device. The D-Link DNS-120 is a network storage adapter. Several D-Link products have security vulnerabilities; these vulnerabilities...
Exploit for Improper Neutralization in Dlink Dns-320_Firmware
CVE-2024-10915 - D-Link NAS Command Injection Exploit This Py...
Exploit for Improper Neutralization in Dlink Dns-320_Firmware
POC - CVE-2024–10914- Command Injection Vulnerability in name...
D-Link多款产品 安全漏洞
D-Link DNS-320 and others are a NAS Network Attached Storage device from China's AUO D-Link. A security vulnerability exists in various D-Link products, which stems from an incorrect operation of the parameter group that can lead to operating system command injection. The following products and...
Exploit for Use of Hard-coded Credentials in Dlink Dns-320L_Firmware
Dinkleberry 🫐 Are you one of the 92,000+ people1 stuck with a...
The vulnerability of the CGI script nas_sharing.cgi of the D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L NAS devices allows a hacker to execute arbitrary code.
The vulnerability of the CGI script nassharing.cgi of the D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L device operating systems is related to the use of pre-installed user accounts. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted...
D-Link NAS nas_sharing.cgi command injection
Added: 04/24/2024 CVE: CVE-2024-3273 Background D-Link Network Attached Storage NAS devices allow different clients to connect to a centralized disk on a Local Area Network LAN. Problem A backdoor and a command injection vulnerability in the nassharing.cgi script allow a remote attacker to execut...
D-Link NAS nas_sharing.cgi command injection
Added: 04/24/2024 CVE: CVE-2024-3273 Background D-Link Network Attached Storage NAS devices allow different clients to connect to a centralized disk on a Local Area Network LAN. Problem A backdoor and a command injection vulnerability in the nassharing.cgi script allow a remote attacker to execut...
Critical RCE Flaw Found in EoL D-Link NAS Devices
...
Exploit for Command Injection in Dlink Dns-320L_Firmware
D-Link NAS Command Execution Exploit This Python script explo...
Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks
Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage NAS devices. Tracked as CVE-2024-3272 CVSS score: 9.8 and CVE-2024-3273 CVSS score: 7.3, the vulnerabilities impact legacy D-Link...
CVE-2024-3272
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nassharing.cgi of the component HTTP GET Request Handler. The...