{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7026", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-25T14:13:55.932Z", "datePublished": "2026-04-26T07:15:12.717Z", "dateUpdated": "2026-04-27T13:31:45.153Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-26T07:15:12.717Z"}, "title": "D-Link DGS-3420 System Information Settings cross site scripting", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "Cross Site Scripting"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "Code Injection"}]}], "affected": [{"vendor": "D-Link", "product": "DGS-3420", "versions": [{"version": "1.50.018", "status": "affected"}], "modules": ["System Information Settings Page"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.8, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.1, "vectorString": "AV:N/AC:L/Au:M/C:N/I:C/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-25T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-25T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-25T16:19:10.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Fergod (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB Vulnerability Moderation Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/359606", "name": "VDB-359606 | D-Link DGS-3420 System Information Settings cross site scripting", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/359606/cti", "name": "VDB-359606 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/797877", "name": "Submit #797877 | D-Link DGS-3420-28TC 1.50.018 Cross Site Scripting", "tags": ["third-party-advisory"]}, {"url": "https://www.dlink.com/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-27T13:18:59.848189Z", "id": "CVE-2026-7026", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T13:31:45.153Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-7026", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-27T13:18:59.848189Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T13:19:00.889Z"}}], "cna": {"title": "D-Link DGS-3420 System Information Settings cross site scripting", "credits": [{"lang": "en", "type": "reporter", "value": "Fergod (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB Vulnerability Moderation Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.1, "vectorString": "AV:N/AC:L/Au:M/C:N/I:C/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "D-Link", "modules": ["System Information Settings Page"], "product": "DGS-3420", "versions": [{"status": "affected", "version": "1.50.018"}]}], "timeline": [{"lang": "en", "time": "2026-04-25T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-25T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-25T16:19:10.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/359606", "name": "VDB-359606 | D-Link DGS-3420 System Information Settings cross site scripting", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/359606/cti", "name": "VDB-359606 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/797877", "name": "Submit #797877 | D-Link DGS-3420-28TC 1.50.018 Cross Site Scripting", "tags": ["third-party-advisory"]}, {"url": "https://www.dlink.com/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "Cross Site Scripting"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "Code Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-26T07:15:12.717Z"}}}, "cveMetadata": {"cveId": "CVE-2026-7026", "state": "PUBLISHED", "dateUpdated": "2026-04-27T13:31:45.153Z", "dateReserved": "2026-04-25T14:13:55.932Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-26T07:15:12.717Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dgs-3420-28tc_firmware:1.50.018:*:*:*:*:*:*:*", "matchCriteriaId": "9537C093-E8F6-47F3-8884-D4FBE0EE9ABB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dgs-3420-28tc:-:*:*:*:*:*:*:*", "matchCriteriaId": "15DA5894-3AF7-4FBC-BD66-C9259CF029FB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized."}], "id": "CVE-2026-7026", "lastModified": "2026-04-30T14:11:03.170", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "MULTIPLE", "availabilityImpact": "NONE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:M/C:N/I:C/A:N", "version": "2.0"}, "exploitabilityScore": 6.4, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-26T08:16:01.513", "references": [{"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/submit/797877"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/vuln/359606"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/vuln/359606/cti"}, {"source": "cna@vuldb.com", "tags": ["Product"], "url": "https://www.dlink.com/"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-94"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.50.018"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "dgs-3420", "vendor": "d-link"}], "analysis": {"en": {"generated_at": "2026-04-28T05:22:40.013811+00:00", "value": {"mitigation_remediation": ["Upgrade the D\u2011Link DGS\u20113420 firmware to the latest release that removes the cross\u2011site scripting flaw in the System Information Settings page.", "Limit access to the router\u2019s web management interface to trusted internal networks or specific IP addresses, or disable remote management entirely.", "If upgrade is not immediately possible, block or disable the System Information Settings page using the router\u2019s firewall or access\u2011control rules, preventing the vulnerable input from being reached."], "summary": {"action": "Patch Now", "impact": "Remote cross\u2011site scripting via the System Name input"}, "threat_synthesis": {"affected_systems": "This issue affects D\u2011Link DGS\u20113420 devices running firmware version 1.50.018. No other firmware releases or builds were specified in the advisory, so only this version is known to be vulnerable. The router interface is the target of the attack; the vulnerability lies in the web\u2011based System Information Settings component.", "description_and_impact": "The vulnerability resides in the System Information Settings page of the D\u2011Link DGS\u20113420 router. An attacker can supply a specially crafted System Name parameter that is reflected back into the page without proper sanitization, leading to cross\u2011site scripting. This flaw allows arbitrary JavaScript execution in the browser of any user who views the page, potentially enabling session hijacking, credential theft, or malicious navigation. The flaw is classified as CWE\u201179 and also involves potential code injection (CWE\u201194).", "risk_and_exploitability": "The CVSS base score is 6.8, indicating a moderate severity level. The EPSS score is below 1\u00a0%, meaning the likelihood of exploitation is low at the moment. The vulnerability is not listed in the CISA KEV catalog. Remote exploitation is possible; an attacker only needs to send a request containing a malicious System Name value to the router\u2019s web interface, which is reachable over the network. Because the flaw occurs on a publicly reachable input and the payload is executed in the victim\u2019s browser, the risk is primarily to users who log into the router remotely."}}}}, "created": "2026-04-27T20:20:27.391120+00:00", "updated": "2026-04-28T05:30:23.354730+00:00", "vendors": ["d-link", "d-link$PRODUCT$dgs-3420"]}