CVE-2026-5312 | D-Link DNS-1550-04 up to 20260205 /cgi-bin/dsk_mgr.cgi access control

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. It has been declared as critical. Affected by this vulnerability is the function

FMT_restart/Status_HDInfo/SMART_List/ScanDisk_info/ScanDisk/volume_status/Get_Volume_Mapping/FMT_check_disk_remount_state/FMT_rebuildinfo/FMT_result_list/FMT_result_list_phy/FMT_get_dminfo/FMT_manually_rebuild_info/Get_current_raidtype

of the file /cgi-bin/dsk_mgr.cgi. Executing a manipulation can lead to improper access controls.

This vulnerability is registered as CVE-2026-5312. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2026-5312 | D-Link DNS-1550-04 up to 20260205 /cgi-bin/dsk_mgr.cgi access control

Post correlati

CVE-2025-12877 | IDonate Plugin up to 2.1.15 on WordPress panding_blood_request_action authorization

CVE-2026-5206 | code-projects Simple Gym Management System 1.0 Payment sql injection

CVE-2024-46966 | Video Downloader Pro & Browser up to 1.0.42 on Android MainActivity Privilege Escalation

CVE-2025-53818 | Sunwood-ai-labs github-kanban-mcp-server 0.3.0/0.4.0 add_comment os command injection