Vulnerability Database

322,129

Total vulnerabilities in the database

CVE-2026-1532

A vulnerability was identified in D-Link DCS-700L 1.03.09. The affected element is the function uploadmusic of the file /setUploadMusic of the component Music File Upload Service. The manipulation of the argument UploadMusic leads to path traversal. The attack can only be initiated within the local network. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.

Published: Jan 28, 2026
Updated: Feb 6, 2026
CVE: CVE-2026-1532
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 2.4
AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.2
AV:A/AC:L/Au:M/C:P/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
dlink / dcs-700l_firmware	-	1.03.09.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo