Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
D Link
Dns 325

D-Link DNS-325 Vulnerabilities: CVEs, CISA KEV & Security Advisories

49 CVEs

2 in CISA KEV

D-Link DNS-325 Vulnerabilities

CVE security advisories and vulnerability history for DNS-325 by D-Link.

49

Total CVEs

Published

2

In CISA KEV

Exploited in the wild

48

Public exploits

With known exploit

7.3

Avg CVSS

2024–2026

Last updated April 1, 2026

Overview

D-Link DNS-325 has 49 published CVE records since 2024, of which 2 are in CISA's Known Exploited Vulnerabilities catalog and 48 have a known public exploit. The average CVSS base score across scored CVEs is 7.3.

This page aggregates every publicly disclosed vulnerability (CVE) affecting D-Link DNS-325, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.

Severity and exploitation

How the CVSS severity of D-Link DNS-325's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical5

High15

Medium29

Low0

In CISA’s Known Exploited Vulnerabilities catalog

2

2 of D-Link DNS-325's CVEs are confirmed exploited in the wild.

Public exploits

48

48 of D-Link DNS-325's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every D-Link DNS-325 version named in a CVE, then pick one to see only the CVEs that affect it.

No specific affected versions are recorded for D-Link DNS-325; the CVEs below apply to the product without a version pin.

49 CVEs

Sort

D-Link DNS-1550-04 dsk_mgr.cgi Get_current_raidtype access control
CVE-2026-5312
Public exploit
CWE-284
Medium · CVSS 6.9
EPSS 0.2% (41th pct)2026-04-01
D-Link DNS-1550-04 file_center.cgi Webdav_Access_List access control
CVE-2026-5311
Public exploit
CWE-266
Medium · CVSS 6.9
EPSS 0.1% (24th pct)2026-04-01
D-Link DNS-1550-04 network_mgr.cgi cgi_get_ipv6 access control
CVE-2026-5215
Public exploit
CWE-284
Medium · CVSS 5.3
EPSS 0.1% (23th pct)2026-03-31
D-Link DNS-1550-04 account_mgr.cgi cgi_addgroup_get_group_quota_minsize stack-based overflow
CVE-2026-5214
Public exploit
CWE-121
High · CVSS 8.8
EPSS 0.0% (12th pct)2026-03-31
D-Link DNS-1550-04 account_mgr.cgi cgi_adduser_to_session stack-based overflow
CVE-2026-5213
Public exploit
CWE-121
High · CVSS 8.8
EPSS 0.0% (12th pct)2026-03-31
D-Link DNS-1550-04 webdav_mgr.cgi Webdav_Upload_File stack-based overflow
CVE-2026-5212
Public exploit
CWE-119
High · CVSS 8.8
EPSS 0.1% (33th pct)2026-03-31
D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Del stack-based overflow
CVE-2026-5211
Public exploit
CWE-119
High · CVSS 8.8
EPSS 0.0% (12th pct)2026-03-31
D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Setting stack-based overflow
CVE-2026-4214
Public exploit
CWE-119
High · CVSS 8.8
EPSS 0.1% (21th pct)2026-03-16
D-Link DNS-1550-04 gui_mgr.cgi cgi_myfavorite_verify stack-based overflow
CVE-2026-4213
Public exploit
CWE-119
High · CVSS 8.8
EPSS 0.1% (26th pct)2026-03-16
D-Link DNS-1550-04 download_mgr.cgi Downloads_Schedule_Info stack-based overflow
CVE-2026-4212
Public exploit
CWE-121
High · CVSS 8.8
EPSS 0.1% (21th pct)2026-03-16
D-Link DNS-1550-04 local_backup_mgr.cgi Local_Backup_Info stack-based overflow
CVE-2026-4211
Public exploit
CWE-121
High · CVSS 8.8
EPSS 0.1% (21th pct)2026-03-16
D-Link DNS-1550-04 time_machine.cgi cgi_tm_set_share command injection
CVE-2026-4210
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (29th pct)2026-03-16
D-Link DNS-1550-04 account_mgr.cgi cgi_chg_admin_pw command injection
CVE-2026-4209
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (32th pct)2026-03-16
D-Link DNS-1550-04 system_mgr.cgi cgi_ntp_time command injection
CVE-2026-4207
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (31th pct)2026-03-16
D-Link DNS-1550-04 dsk_mgr.cgi ScanDisk_run_e2fsck command injection
CVE-2026-4206
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.2% (40th pct)2026-03-16
D-Link DNS-1550-04 app_mgr.cgi FTP_Server_BlockIP_Del command injection
CVE-2026-4205
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.2% (40th pct)2026-03-16
D-Link DNS-1550-04 gui_mgr.cgi cgi_mycloud_auto_downlaod command injection
CVE-2026-4204
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (29th pct)2026-03-16
D-Link DNS-1550-04 network_mgr.cgi cgi_dhcpd command injection
CVE-2026-4203
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (26th pct)2026-03-16
D-Link DNS-1550-04 download_mgr.cgi RSS_Item_List command injection
CVE-2026-4197
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (32th pct)2026-03-15
D-Link DNS-1550-04 remote_backup.cgi cgi_set_rsync_server command injection
CVE-2026-4196
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (31th pct)2026-03-15
D-Link DNS-1550-04 wizard_mgr.cgi command injection
CVE-2026-4195
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 0.1% (29th pct)2026-03-15
D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control
CVE-2026-4194
Public exploit
CWE-266
High · CVSS 7.3
EPSS 0.1% (30th pct)2026-03-15
D-Link DSL/DIR/DNS Authentication Bypass via DNS Configuration Endpoint
CVE-2026-0625
Patch
Workaround
CWE-306
Critical · CVSS 9.3
EPSS 0.4% (62th pct)2026-01-05
Medium vulnerability · 2024-11-06
CVE-2024-10916
Public exploit
CWE-284
Medium · CVSS 6.9
EPSS 1.1% (78th pct)2024-11-06
Critical vulnerability · 2024-11-06
CVE-2024-10915
Public exploit
CWE-74
Critical · CVSS 9.2
EPSS 94.1% (100th pct)2024-11-06
D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L account_mgr.cgi cgi_user_add os command injection
CVE-2024-10914
Public exploit
CWE-74
Critical · CVSS 9.2
EPSS 93.6% (100th pct)2024-11-06
D-Link DNS-1550-04 hd_config.cgi cgi_FMT_Std2R5_2nd_DiskMGR command injection
CVE-2024-8214
Public exploit
CWE-77
Medium · CVSS 6.3
EPSS 1.4% (81th pct)2024-08-27
D-Link DNS-1550-04 hd_config.cgi cgi_FMT_R12R5_1st_DiskMGR command injection
CVE-2024-8213
Public exploit
Patch
CWE-77
Medium · CVSS 6.3
EPSS 1.6% (82th pct)2024-08-27
Medium vulnerability · 2024-08-27
CVE-2024-8212
Public exploit
Patch
CWE-77
Medium · CVSS 6.3
EPSS 3.5% (88th pct)2024-08-27
Medium vulnerability · 2024-08-27
CVE-2024-8211
Public exploit
Patch
CWE-77
Medium · CVSS 6.3
EPSS 3.2% (87th pct)2024-08-27

Showing 30 of 49

Common weakness types

The CWE weakness categories most often found in D-Link DNS-325 CVEs. Follow any weakness for its full explanation.

CWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')26 CVEs
CWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')6 CVEs
CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 CVEs
CWE-121Stack-based Buffer Overflow4 CVEs
CWE-284Improper Access Control3 CVEs
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')2 CVEs
CWE-266Incorrect Privilege Assignment2 CVEs
CWE-306Missing Authentication for Critical Function1 CVE

Disclosure activity by year

How many D-Link DNS-325 CVEs were published each year.

2024

26

2026

23

Other D-Link products

Browse vulnerabilities for other products by D-Link.

DAP-262254 CVEs DNS-32054 CVEs DNS-340L48 CVEs DIR-605L47 CVEs DNS-320LW47 CVEs DNS-320L46 CVEs DNS-327L46 CVEs DNR-322L44 CVEs

All D-Link vulnerabilities

Frequently asked questions

Common questions about D-Link DNS-325 vulnerabilities.

How many CVEs does D-Link DNS-325 have?

D-Link DNS-325 has 49 published CVE records since 2024.

How many D-Link DNS-325 CVEs are in CISA KEV?

Yes — 2 of D-Link DNS-325's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.

Are there public exploits for D-Link DNS-325 vulnerabilities?

Yes — 48 of D-Link DNS-325's CVEs have a known public exploit.

What are the most common weakness types in D-Link DNS-325 CVEs?

D-Link DNS-325's CVEs most often map to these CWE weakness types: CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')), CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')), CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-121 (Stack-based Buffer Overflow).

How many critical D-Link DNS-325 vulnerabilities are there?

D-Link DNS-325 has 5 critical and 15 high-severity CVEs.

What is the average severity of D-Link DNS-325 CVEs?

The average CVSS base score across D-Link DNS-325's scored CVEs is 7.3.

References

All D-Link vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track D-Link DNS-325 vulnerabilities

Monitor new D-Link DNS-325 vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References