CVE-2026-4188
Published: 16 March 2026
Summary
CVE-2026-4188 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in D-Link DIR-619L firmware (vendor inferred from the references). This summary lists a CVSS base score of 7.4 (High); note that the CVSS 3.1 vector given in the deeper analysis below (AV:N/AC:L/PR:L/UI:N with C:H/I:H/A:H and scope unchanged) computes to 8.8, so the two figures on this page do not agree.
Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The vulnerability ranks at the 36.0th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog, although a public proof-of-concept exploit exists (see below), so KEV absence should not be read as "no exploit".
The strongest mitigations our analysis identified are NIST 800-53 SA-22 (Unsupported System Components) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-4188 is a stack-based buffer overflow (CWE-119, CWE-121) in the formSchedule function behind the /goform/formSchedule endpoint of the boa web server component in D-Link DIR-619L firmware version 2.06B01. The handler does not bound the length of the curTime argument before placing it in a fixed-size stack buffer, so a request carrying an overlong curTime value overwrites the stack.
An authenticated attacker holding low-privilege credentials for the web interface (PR:L) can exploit the flaw over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N), with high impact on confidentiality, integrity and availability (C:H/I:H/A:H, scope unchanged). That vector gives a CVSS 3.1 base score of 8.8 (High), and a public proof-of-concept exploit is available.
The DIR-619L is no longer supported by the maintainer and no patch is available. Advisories on VulDB (ctiid.351094, id.351094, submit.769833) and a GitHub repository document the vulnerability and the proof-of-concept, while the D-Link website provides no mitigation guidance specific to this CVE. In practice the options are to replace the device or, as a compensating control, to keep its web management interface unreachable from untrusted networks and to limit which accounts can log in to it.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-12247
Vulnerability details
A security flaw has been discovered in D-Link DIR-619L 2.06B01. The affected element is the function formSchedule of the file /goform/formSchedule of the component boa. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer.
- CWE(s): CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-121 (Stack-based Buffer Overflow)
Related Threats
MITRE ATT&CK Enterprise Techniques: Exploit Public-Facing Application (T1190); Exploitation for Privilege Escalation (T1068)
Why these techniques?
A stack-based buffer overflow in the device's web management interface (the formSchedule handler) lets a remote, authenticated, low-privileged attacker achieve code execution with full C/I/A impact. That maps directly to Exploit Public-Facing Application (T1190) for initial device compromise and to Exploitation for Privilege Escalation (T1068) via a software vulnerability. The interface is only "public-facing" to the extent it is exposed: on a home router it is normally reachable from the LAN, and from the internet only if remote management is enabled, so exposure of the management port is the main factor in how much this technique mapping applies to a given deployment.
Affected Assets: D-Link DIR-619L firmware 2.06B01 (end-of-life, no vendor support)
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly prevents the stack-based buffer overflow by validating the length and content of the curTime argument in formSchedule before it is copied into the stack buffer. Since no firmware fix is available, this control can only be applied in front of the device (for example, a reverse proxy or WAF that rejects overlong curTime values), not inside it.
- SI-16 (Memory Protection): stack canaries, a non-executable stack (DEP) and ASLR raise the cost of turning the overflow into code execution. Consumer router firmware of this generation frequently ships without these protections, so treat them as defence in depth to verify, not as a fix.
- SA-22 (Unsupported System Components): mandates removal, alternative support, or compensating controls for unsupported end-of-life products such as the affected D-Link DIR-619L firmware; for this CVE that means replacing the device or isolating its management interface.
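The following is an added illustration of the bug class described in the deeper analysis and of the SI-10 input-validation control above. It is constructed example code, not the DIR-619L firmware source (the real buffer size and parsing routine are not given on this page): the form_get helper, the 16-byte buffer, and the assumption that a valid curTime contains only digits and ':' are all placeholders. It shows the unbounded copy that produces a CWE-121 overflow beside a hardened handler that rejects the input instead, and it goes slightly beyond the page by adding a length-based triage check of the kind a proxy or WAF rule would apply to POST bodies for /goform/formSchedule.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed stack buffer size for the handler. The real formSchedule buffer
 * length in DIR-619L 2.06B01 is not given on this page; 16 is a placeholder. */
#define CUR_TIME_BUF 16

/* Minimal application/x-www-form-urlencoded lookup (no percent-decoding):
 * on success points *val at the value of `key` and sets *len to its length.
 * Constructed helper standing in for boa's form-variable accessor. */
static int form_get(const char *body, const char *key,
                    const char **val, size_t *len)
{
    size_t klen = strlen(key);
    const char *p = body;
    while (p && *p) {
        if (strncmp(p, key, klen) == 0 && p[klen] == '=') {
            *val = p + klen + 1;
            const char *amp = strchr(*val, '&');
            *len = amp ? (size_t)(amp - *val) : strlen(*val);
            return 1;
        }
        p = strchr(p, '&');
        if (p)
            p++;
    }
    return 0;
}

/* Vulnerable pattern (illustrative, not the DIR-619L source): curTime is
 * copied into a fixed stack buffer with no bound on its length, so a value of
 * CUR_TIME_BUF bytes or more overwrites the saved frame (CWE-121).
 * Returns the copied length, or -1 if curTime is absent. */
static int form_schedule_vulnerable(const char *body)
{
    char cur_time[CUR_TIME_BUF];
    const char *val;
    size_t len;
    if (!form_get(body, "curTime", &val, &len))
        return -1;
    memcpy(cur_time, val, len);   /* len is attacker-controlled: overflow */
    cur_time[len] = '\0';
    return (int)strlen(cur_time);
}

/* Hardened pattern: reject anything that does not fit, then whitelist the
 * characters before copying (digits and ':' is an assumed time format).
 * Returns the accepted length, -1 missing, -2 too long, -3 bad character. */
static int form_schedule_hardened(const char *body, char *out, size_t outsz)
{
    const char *val;
    size_t len;
    if (!form_get(body, "curTime", &val, &len))
        return -1;
    if (len >= outsz)             /* no room for the terminator: reject */
        return -2;
    for (size_t i = 0; i < len; i++)
        if (!isdigit((unsigned char)val[i]) && val[i] != ':')
            return -3;
    memcpy(out, val, len);
    out[len] = '\0';
    return (int)len;
}

/* Runs the hardened handler with a correctly sized stack buffer. */
static int schedule_status(const char *body)
{
    char cur_time[CUR_TIME_BUF];
    return form_schedule_hardened(body, cur_time, sizeof cur_time);
}

/* Triage check for proxy/WAF logs: flag a POST body whose curTime is far
 * longer than any legitimate time string. Returns 1 if suspicious. */
static int curtime_looks_malicious(const char *body, size_t threshold)
{
    const char *val;
    size_t len;
    return form_get(body, "curTime", &val, &len) && len > threshold;
}

/* Builds a constructed request body (not captured traffic) whose curTime is
 * `n` digits long, in a static buffer. */
static const char *overlong_body(size_t n)
{
    static char buf[512];
    if (n > 400)
        n = 400;
    memcpy(buf, "curTime=", 8);
    memset(buf + 8, '9', n);
    strcpy(buf + 8 + n, "&enable=1");
    return buf;
}

int main(void)
{
    const char *benign = "curTime=12:30&enable=1";   /* constructed sample */
    printf("vulnerable path, benign input: %d\n", form_schedule_vulnerable(benign));
    printf("hardened, benign input: %d\n", schedule_status(benign));
    printf("hardened, 200-byte curTime: %d\n", schedule_status(overlong_body(200)));
    printf("flagged for review: %d\n", curtime_looks_malicious(overlong_body(200), 32));
    /* form_schedule_vulnerable(overlong_body(200)) is deliberately not called:
     * it would smash this process's stack just as described for the router. */
    return 0;
}
```

The hardened handler fails closed on a length it cannot store rather than truncating, because silently truncating a schedule time is itself a correctness bug; the threshold in curtime_looks_malicious is a tunable for log review and should sit well above the longest value the form legitimately sends.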