CVE-2026-4206 | D-Link DNS-1550-04 up to 20260205 /cgi-bin/dsk_mgr.cgi command injection

A vulnerability marked as critical has been reported in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function FMT_rebuild_diskmgr/FMT_create_diskmgr/ScanDisk_run_e2fsck of the file /cgi-bin/dsk_mgr.cgi. Performing a manipulation results in command injection.

This vulnerability is reported as CVE-2026-4206. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-4206 | D-Link DNS-1550-04 up to 20260205 /cgi-bin/dsk_mgr.cgi command injection

Post correlati

CVE-2024-35538 | Typecho 1.3.0 Handler X-Forwarded-For unknown vulnerability

CVE-2025-1415 | Proget Konsola MDM up to 2.17.4 authorization

CVE-2024-2028 | Exclusive Addons for Elementor Plugin up to 2.6.9 on WordPress Covid-19 Stats Widget cross site scripting

CVE-2024-55927 | Xerox Workplace Suite prior 5.6.701.9 Token Generation hard-coded credentials