CVE-2026-5312: Improper Access Controls in D-Link DNS-120
CVE-2026-5312 is a medium severity vulnerability affecting multiple D-Link NAS devices including the DNS-120 series. The issue involves improper access controls in several functions within the /cgi-bin/dsk_mgr. cgi file, which can be exploited remotely without authentication. Public exploit code is available, increasing the risk of exploitation. The vulnerability impacts device functions related to disk management and RAID status. No official patch or remediation information is provided in the available data.
AI Analysis
Technical Summary
This vulnerability affects various D-Link NAS devices up to firmware version 20260205. It arises from improper access controls in multiple functions of the /cgi-bin/dsk_mgr.cgi script, such as FMT_restart, Status_HDInfo, SMART_List, and others related to disk and RAID management. The flaw allows an unauthenticated remote attacker to manipulate these functions, potentially leading to unauthorized access or control over device operations. The CVSS 4.0 base score is 6.9, indicating a medium severity level. Exploit code is publicly available, but no vendor advisory or patch information is currently provided.
Potential Impact
An unauthenticated remote attacker can exploit this vulnerability to bypass access controls on critical disk management functions of affected D-Link NAS devices. This could lead to unauthorized information disclosure or manipulation of device storage management features. The availability of public exploit code increases the likelihood of exploitation, although no known active exploitation in the wild has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict network access to the affected devices, especially to the management interface, to trusted networks only. Monitor for unusual activity related to disk management functions. Avoid exposing these devices directly to untrusted networks.
CVE-2026-5312: Improper Access Controls in D-Link DNS-120
Description
CVE-2026-5312 is a medium severity vulnerability affecting multiple D-Link NAS devices including the DNS-120 series. The issue involves improper access controls in several functions within the /cgi-bin/dsk_mgr. cgi file, which can be exploited remotely without authentication. Public exploit code is available, increasing the risk of exploitation. The vulnerability impacts device functions related to disk management and RAID status. No official patch or remediation information is provided in the available data.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability affects various D-Link NAS devices up to firmware version 20260205. It arises from improper access controls in multiple functions of the /cgi-bin/dsk_mgr.cgi script, such as FMT_restart, Status_HDInfo, SMART_List, and others related to disk and RAID management. The flaw allows an unauthenticated remote attacker to manipulate these functions, potentially leading to unauthorized access or control over device operations. The CVSS 4.0 base score is 6.9, indicating a medium severity level. Exploit code is publicly available, but no vendor advisory or patch information is currently provided.
Potential Impact
An unauthenticated remote attacker can exploit this vulnerability to bypass access controls on critical disk management functions of affected D-Link NAS devices. This could lead to unauthorized information disclosure or manipulation of device storage management features. The availability of public exploit code increases the likelihood of exploitation, although no known active exploitation in the wild has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict network access to the affected devices, especially to the management interface, to trusted networks only. Monitor for unusual activity related to disk management functions. Avoid exposing these devices directly to untrusted networks.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-04-01T12:13:37.400Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 69cd85bee6bfc5ba1df9d451
Added to database: 4/1/2026, 8:53:18 PM
Last enriched: 4/10/2026, 12:14:12 AM
Last updated: 5/14/2026, 9:04:19 AM
Views: 50
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.