Threats Tagged 'cve-2026-4197'
View all threats tagged with 'cve-2026-4197'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-4197'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-4197: Command Injection in D-Link DNS-120CVE-2026-4197 0 CVE-2026-4197 is a command injection vulnerability affecting multiple D-Link NAS devices, including the DNS-120 and various other models. The flaw exists in the /cgi-bin/download_mgr.cgi script, specifically in functions handling RSS feed updates and downloads. An attacker can remotely exploit this vulnerability without authentication or user interaction, injecting arbitrary commands on the device. The vulnerability has a CVSS 4.0 base score of 5.3, indicating medium severity. Although no public exploits are currently known in the wild, the exploit code has been made public, increasing the risk of future attacks. Successful exploitation could lead to unauthorized command execution, potentially compromising device integrity and availability. Organizations using affected D-Link NAS devices should prioritize patching or applying mitigations to prevent exploitation. Join the discussion | CVE Database V5 | 03/15/2026, 23:32:15 UTC Added: 03/15/2026, 23:50:58 UTC |
Showing 1 to 1 of 1 result