Vulnerability Description
A vulnerability was identified in D-Link DCS-700L 1.03.09. The affected element is the function uploadmusic of the file /setUploadMusic of the component Music File Upload Service. The manipulation of the argument UploadMusic leads to path traversal. The attack can only be initiated within the local network. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dcs-700L Firmware | <= 1.03.09 |
| Dlink | Dcs-700L | - |
Related Weaknesses (CWE)
References
- https://tzh00203.notion.site/D-Link-DCS700l-v1-03-09-Path-Traversal-VulnerabilitExploitThird Party Advisory
- https://vuldb.com/?ctiid.343218Permissions RequiredVDB Entry
- https://vuldb.com/?id.343218Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.738693Third Party AdvisoryVDB Entry
- https://www.dlink.com/Product
FAQ
What is CVE-2026-1532?
CVE-2026-1532 is a vulnerability with a CVSS score of 2.4 (LOW). A vulnerability was identified in D-Link DCS-700L 1.03.09. The affected element is the function uploadmusic of the file /setUploadMusic of the component Music File Upload Service. The manipulation of ...
How severe is CVE-2026-1532?
CVE-2026-1532 has been rated LOW with a CVSS base score of 2.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-1532?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dcs-700L Firmware, Dlink Dcs-700L.