TopVuln

High-risk vulnerability digests

CVE-2026-4194

  • MEDIUM

Details

CVSS v3
7.3
CVSS v4
6.9
CVSS v2
7.5
NVD published
2026-03-16 14:20:03
EPSS
<0.1% probability · 13.4th percentile — 2026-03-19
Affected versions
cpe:2.3:o:dlink:dnr-202l_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dnr-202l:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dnr-326_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-1100-4_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-1100-4:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-120_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-120:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-1200-05_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-1200-05:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-1550-04_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-1550-04:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-315l_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-315l:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-320_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-320:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-320l_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-320l:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-320lw_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-321_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-321:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-322l_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-322l:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-323_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-323:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-325_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-325:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-326_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-326:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-327l_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-327l:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-340l_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-340l:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-343_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-343:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-345_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-345:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-726-4_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-726-4:-:*:*:*:*:*:*:*
Summary
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_set_wto of the file /cgi-bin/system_mgr.cgi. Performing a manipulation results in improper access controls. Remote exploitation of the attack is possible. The exploit is now public and may be used.
Remediation
Not available in our cache.
Exploit info
https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_96/96.md

View on NVD

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.