Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
D Link
Dns 320

D-Link DNS-320 Vulnerabilities: CVEs, CISA KEV & Security Advisories

54 CVEs

2 in CISA KEV

D-Link DNS-320 Vulnerabilities

CVE security advisories and vulnerability history for DNS-320 by D-Link.

54

Total CVEs

Published

2

In CISA KEV

Exploited in the wild

53

Public exploits

With known exploit

7.2

Avg CVSS

2019–2026

Last updated May 11, 2026

Overview

D-Link DNS-320 has 54 published CVE records since 2019, of which 2 are in CISA's Known Exploited Vulnerabilities catalog and 53 have a known public exploit. The average CVSS base score across scored CVEs is 7.2.

This page aggregates every publicly disclosed vulnerability (CVE) affecting D-Link DNS-320, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of D-Link DNS-320's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical5

High15

Medium34

Low0

In CISA’s Known Exploited Vulnerabilities catalog

2

2 of D-Link DNS-320's CVEs are confirmed exploited in the wild.

Public exploits

53

53 of D-Link DNS-320's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every D-Link DNS-320 version named in a CVE, then pick one to see only the CVEs that affect it.

No specific affected versions are recorded for D-Link DNS-320; the CVEs below apply to the product without a version pin.

54 CVEs

Sort

D-Link DNS-320 system_mgr.cgi cgi_merge_user os command injection
CVE-2026-8273
Public exploit
CWE-77
Medium · CVSS 5.1
EPSS 0.1% (31th pct)2026-05-11
D-Link DNS-320 webfile_mgr.cgi chown os command injection
CVE-2026-8272
Public exploit
CWE-78
Medium · CVSS 5.1
EPSS 0.1% (16th pct)2026-05-11
D-Link DNS-320 network_mgr.cgi cgi_upnp_edit os command injection
CVE-2026-8271
Public exploit
CWE-78
Medium · CVSS 5.1
EPSS 0.1% (31th pct)2026-05-11
D-Link DNS-1550-04 dsk_mgr.cgi Get_current_raidtype access control
CVE-2026-5312
Public exploit
CWE-284
Medium · CVSS 6.9
EPSS 0.2% (41th pct)2026-04-01
D-Link DNS-1550-04 file_center.cgi Webdav_Access_List access control
CVE-2026-5311
Public exploit
CWE-266
Medium · CVSS 6.9
EPSS 0.1% (24th pct)2026-04-01
D-Link DNS-1550-04 network_mgr.cgi cgi_get_ipv6 access control
CVE-2026-5215
Public exploit
CWE-284
Medium · CVSS 5.3
EPSS 0.1% (23th pct)2026-03-31
D-Link DNS-1550-04 account_mgr.cgi cgi_addgroup_get_group_quota_minsize stack-based overflow
CVE-2026-5214
Public exploit
CWE-121
High · CVSS 8.8
EPSS 0.0% (12th pct)2026-03-31
D-Link DNS-1550-04 account_mgr.cgi cgi_adduser_to_session stack-based overflow
CVE-2026-5213
Public exploit
CWE-121
High · CVSS 8.8
EPSS 0.0% (12th pct)2026-03-31
D-Link DNS-1550-04 webdav_mgr.cgi Webdav_Upload_File stack-based overflow
CVE-2026-5212
Public exploit
CWE-119
High · CVSS 8.8
EPSS 0.1% (33th pct)2026-03-31
D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Del stack-based overflow
CVE-2026-5211
Public exploit
CWE-119
High · CVSS 8.8
EPSS 0.0% (12th pct)2026-03-31
D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Setting stack-based overflow
CVE-2026-4214
Public exploit
CWE-119
High · CVSS 8.8
EPSS 0.1% (21th pct)2026-03-16
D-Link DNS-1550-04 gui_mgr.cgi cgi_myfavorite_verify stack-based overflow
CVE-2026-4213
Public exploit
CWE-119
High · CVSS 8.8
EPSS 0.1% (26th pct)2026-03-16
D-Link DNS-1550-04 download_mgr.cgi Downloads_Schedule_Info stack-based overflow
CVE-2026-4212
Public exploit
CWE-121
High · CVSS 8.8
EPSS 0.1% (21th pct)2026-03-16
D-Link DNS-1550-04 local_backup_mgr.cgi Local_Backup_Info stack-based overflow
CVE-2026-4211
Public exploit
CWE-121
High · CVSS 8.8
EPSS 0.1% (21th pct)2026-03-16
D-Link DNS-1550-04 time_machine.cgi cgi_tm_set_share command injection
CVE-2026-4210
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (29th pct)2026-03-16
D-Link DNS-1550-04 account_mgr.cgi cgi_chg_admin_pw command injection
CVE-2026-4209
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (32th pct)2026-03-16
D-Link DNS-1550-04 system_mgr.cgi cgi_ntp_time command injection
CVE-2026-4207
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (31th pct)2026-03-16
D-Link DNS-1550-04 dsk_mgr.cgi ScanDisk_run_e2fsck command injection
CVE-2026-4206
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.2% (40th pct)2026-03-16
D-Link DNS-1550-04 app_mgr.cgi FTP_Server_BlockIP_Del command injection
CVE-2026-4205
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.2% (40th pct)2026-03-16
D-Link DNS-1550-04 gui_mgr.cgi cgi_mycloud_auto_downlaod command injection
CVE-2026-4204
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (29th pct)2026-03-16
D-Link DNS-1550-04 network_mgr.cgi cgi_dhcpd command injection
CVE-2026-4203
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (26th pct)2026-03-16
D-Link DNS-1550-04 download_mgr.cgi RSS_Item_List command injection
CVE-2026-4197
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (32th pct)2026-03-15
D-Link DNS-1550-04 remote_backup.cgi cgi_set_rsync_server command injection
CVE-2026-4196
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (31th pct)2026-03-15
D-Link DNS-1550-04 wizard_mgr.cgi command injection
CVE-2026-4195
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (29th pct)2026-03-15
D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control
CVE-2026-4194
Public exploit
CWE-266
High · CVSS 7.3
EPSS 0.1% (30th pct)2026-03-15
D-Link DSL/DIR/DNS Authentication Bypass via DNS Configuration Endpoint
CVE-2026-0625
Patch
Workaround
CWE-306
Critical · CVSS 9.3
EPSS 0.4% (62th pct)2026-01-05
Medium vulnerability · 2024-11-06
CVE-2024-10916
Public exploit
CWE-284
Medium · CVSS 6.9
EPSS 1.1% (78th pct)2024-11-06
Critical vulnerability · 2024-11-06
CVE-2024-10915
Public exploit
CWE-74
Critical · CVSS 9.2
EPSS 94.1% (100th pct)2024-11-06
D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L account_mgr.cgi cgi_user_add os command injection
CVE-2024-10914
Public exploit
CWE-74
Critical · CVSS 9.2
EPSS 93.6% (100th pct)2024-11-06
D-Link DNS-320 Web Management Interface discovery.cgi information disclosure
CVE-2024-8461
Public exploit
CWE-200
Medium · CVSS 6.9
EPSS 1.6% (82th pct)2024-09-05

Showing 30 of 54

Common weakness types

The CWE weakness categories most often found in D-Link DNS-320 CVEs. Follow any weakness for its full explanation.

CWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')26 CVEs
CWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')6 CVEs
CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 CVEs
CWE-121Stack-based Buffer Overflow4 CVEs
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')4 CVEs
CWE-284Improper Access Control3 CVEs
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')2 CVEs
CWE-200Exposure of Sensitive Information to an Unauthorized Actor2 CVEs

Disclosure activity by year

How many D-Link DNS-320 CVEs were published each year.

2019

1

2021

1

2024

26

2026

26

Other D-Link products

Browse vulnerabilities for other products by D-Link.

DAP-262254 CVEs DNS-32549 CVEs DNS-340L48 CVEs DIR-605L47 CVEs DNS-320LW47 CVEs DNS-320L46 CVEs DNS-327L46 CVEs DNR-322L44 CVEs

All D-Link vulnerabilities

Frequently asked questions

Common questions about D-Link DNS-320 vulnerabilities.

How many CVEs does D-Link DNS-320 have?

D-Link DNS-320 has 54 published CVE records since 2019.

How many D-Link DNS-320 CVEs are in CISA KEV?

Yes — 2 of D-Link DNS-320's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.

Are there public exploits for D-Link DNS-320 vulnerabilities?

Yes — 53 of D-Link DNS-320's CVEs have a known public exploit.

What are the most common weakness types in D-Link DNS-320 CVEs?

D-Link DNS-320's CVEs most often map to these CWE weakness types: CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')), CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')), CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-121 (Stack-based Buffer Overflow).

How many critical D-Link DNS-320 vulnerabilities are there?

D-Link DNS-320 has 5 critical and 15 high-severity CVEs.

What is the average severity of D-Link DNS-320 CVEs?

The average CVSS base score across D-Link DNS-320's scored CVEs is 7.2.

References

All D-Link vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track D-Link DNS-320 vulnerabilities

Monitor new D-Link DNS-320 vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References