3875 matches found
CVE-2026-4207
CVE-2026-4207 affects D-Link DNS-120 family devices (DNS-120, DNS-1200-04/05, DNS-1550-04, and related models) and various DNS-DNR units. The vulnerability targets /cgi-bin/system_mgr.cgi in the cgi_sms_test/cgi_firmware_upload/cgi_ntp_time path, impacting the function cgi_device/cgi_sms_test/cgi...
CVE-2026-4206 D-Link DNS-1550-04 dsk_mgr.cgi ScanDisk_run_e2fsck command injection
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function...
CVE-2026-4206
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function...
CVE-2026-4206
CVE-2026-4206 describes a remote command-injection flaw in multiple D-Link NAS/DVR devices (DNS-120 series, DNS-320/321/325/326/327L, DNS-340L, DNS-343/345, DNS-1100-4, DNS-1200-05, DNS-1550-04, DNR/DNS variants) affecting the disk-management CGI endpoint /cgi-bin/dsk_mgr.cgi. The vulnerability t...
CVE-2026-4204
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The affected element is the function...
CVE-2026-4203 D-Link DNS-1550-04 network_mgr.cgi cgi_dhcpd command injection
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...
CVE-2026-4203 D-Link DNS-1550-04 network_mgr.cgi cgi_dhcpd command injection
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...
CVE-2026-4203
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...
CVE-2026-4203
Summary (CVE-2026-4203): A command-injection vulnerability affects multiple D-Link DNS-series devices (e.g., DNS-120, DNS-320, DNS-1550-04, etc.) via /cgi-bin/network_mgr.cgi in functions including cgi_portforwarding_add/del/modify/add_scan, cgi_dhcpd_lease, cgi_ddns, cgi_ip, and cgi_dhcpd. The i...
PT-2026-25638
A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub 458754 of the file /goform/set wifi. The manipulation results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about...
PT-2026-25785
A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route set user policy rule of the file /cgi-bin/UploadCfg of the component Web Interface. The manipulation of the argument wans.policy.list1 results in os command injection. It is possible to launch the attack...
PT-2026-25583
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function cgi...
PT-2026-25585
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...
CVE-2026-4197
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...
CVE-2026-4197 D-Link DNS-1550-04 download_mgr.cgi RSS_Item_List command injection
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...
CVE-2026-4197
The CVE-2026-4197 entry affects D-Link DNS-120 family devices (DNS-120, DNS-1200-05, DNS-1550-04, and others listed) and is tied to the function RSS_Get_Update_Status/RSS_Update/RSS_Channel_AutoDownlaod/RSS_Add/RSS_Channel_Item_Downlaod/RSS_History_Item_List/RSS_Item_List in the file /cgi-bin/dow...
CVE-2026-4196 D-Link DNS-1550-04 remote_backup.cgi cgi_set_rsync_server command injection
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function...
CVE-2026-4196
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function...
CVE-2026-4192 AvinashBole quip-mcp-server index.ts setupToolHandlers command injection
A vulnerability has been found in AvinashBole quip-mcp-server 1.0.0. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and m...
CVE-2026-4192 AvinashBole quip-mcp-server index.ts setupToolHandlers command injection
A vulnerability has been found in AvinashBole quip-mcp-server 1.0.0. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and m...