D-Link
DNS
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L,...
2026-04-01
Description
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: OpenProject
PRODUCT: OpenProject
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability has been identified in OpenProject, a web-based project management platform, potentially leading to unauthorized data access.
Executive Summary:
The OpenProject management platform is susceptible to a high-severity vulnerability that could allow unauthorized actors to compromise project data and system integrity.
Vulnerability Details
CVE-ID: CVE-2026-52784
Affected Software: OpenProject
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the OpenProject web-based application, potentially exposing sensitive project management data. The flaw resides within the application's core functionality, which may be reachable by an unauthenticated or low-privileged attacker depending on the specific configuration.
Business Impact
Exploitation of this vulnerability threatens the confidentiality of sensitive project documentation and internal communication stored within the platform. With a CVSS score of 8.8, the risk of unauthorized data exfiltration or unauthorized system modification is high, potentially leading to significant operational disruption.
Remediation Plan
Immediate Action: Update the OpenProject instance to the latest stable version provided by the vendor to address the underlying security deficiency.
Proactive Monitoring: Review application access logs for anomalous patterns, such as mass data export requests or unexpected administrative activity.
Compensating Controls: Deploy a Web Application Firewall (WAF) with updated rulesets to detect and block malicious payloads targeting known OpenProject vulnerabilities.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 27, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Security teams must prioritize the remediation of this vulnerability due to the sensitive nature of information held in project management systems. Apply all available vendor patches immediately and ensure that audit logging is enabled to detect any potential post-exploitation activity.