CVE-2026-5312 — MEDIUM (5.3)

Q: How severe is CVE-2026-5312?

CVE-2026-5312 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-5312?

Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dns-1550-04 Firmware, Dlink Dns-1550-04, Dlink Dns-315L Firmware, Dlink Dns-315L, Dlink Dns-320 Firmware.

Vulnerability Description

A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the function FMT_restart/Status_HDInfo/SMART_List/ScanDisk_info/ScanDisk/volume_status/Get_Volume_Mapping/FMT_check_disk_remount_state/FMT_rebuildinfo/FMT_result_list/FMT_result_list_phy/FMT_get_dminfo/FMT_manually_rebuild_info/Get_current_raidtype of the file /cgi-bin/dsk_mgr.cgi. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Dlink	Dns-1550-04 Firmware	<= 2026-02-05
Dlink	Dns-1550-04	-
Dlink	Dns-315L Firmware	<= 2026-02-05
Dlink	Dns-315L	-
Dlink	Dns-320 Firmware	<= 2026-02-05
Dlink	Dns-320	-
Dlink	Dns-320L Firmware	<= 2026-02-05
Dlink	Dns-320L	-
Dlink	Dns-320Lw Firmware	<= 2026-02-05
Dlink	Dns-320Lw	-
Dlink	Dns-321 Firmware	<= 2026-02-05
Dlink	Dns-321	-
Dlink	Dns-322L Firmware	<= 2026-02-05
Dlink	Dns-322L	-
Dlink	Dns-323 Firmware	<= 2026-02-05
Dlink	Dns-323	-
Dlink	Dns-325 Firmware	<= 2026-02-05
Dlink	Dns-325	-
Dlink	Dns-326 Firmware	<= 2026-02-05
Dlink	Dns-326	-

Related Weaknesses (CWE)

CWE-266 CWE-284

References

https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_172/172.mdExploitThird Party Advisory
https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_173/173.mdExploitThird Party Advisory
https://vuldb.com/submit/780442Third Party AdvisoryVDB Entry
https://vuldb.com/submit/780443Third Party AdvisoryVDB Entry
https://vuldb.com/vuln/354641Third Party AdvisoryVDB Entry
https://vuldb.com/vuln/354641/ctiPermissions RequiredVDB Entry
https://www.dlink.com/Product

FAQ

What is CVE-2026-5312?

CVE-2026-5312 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726...

How severe is CVE-2026-5312?

CVE-2026-5312 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-5312?

Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dns-1550-04 Firmware, Dlink Dns-1550-04, Dlink Dns-315L Firmware, Dlink Dns-315L, Dlink Dns-320 Firmware.