CVE-2026-1532 | D-Link DCS-700L 1.03.09 Music File Upload Service /setUploadMusic uploadmusic path traversal

A vulnerability was found in D-Link DCS-700L 1.03.09. It has been rated as critical. The affected element is the function uploadmusic of the file /setUploadMusic of the component Music File Upload Service. The manipulation of the argument UploadMusic leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is uniquely identified as CVE-2026-1532. The attack can only be initiated within the local network. Moreover, an exploit is present.

CVE-2026-1532 | D-Link DCS-700L 1.03.09 Music File Upload Service /setUploadMusic uploadmusic path traversal

Post correlati

CVE-2024-56939 | LearnDash 6.7.1 ld-comment-body Class cross site scripting

CVE-2025-7780 | AI Engine Plugin up to 2.9.4 on WordPress simpleTranscribeAudio/get_audio path traversal

CVE-2025-10910 | Govee H6056 1.08.13 API authorization

CVE-2024-51210 | Firepad up to 1.5.11 Pad ID information disclosure