Medium severity4.7NVD Advisory· Published May 11, 2026· Updated May 11, 2026
CVE-2026-8271
CVE-2026-8271
Description
A vulnerability was identified in D-Link DNS-320 2.06B01. The impacted element is the function cgi_speed/cgi_dhcpd_lease/cgi_ddns/cgi_set_ip/cgi_upnp_del/cgi_dhcpd/cgi_upnp_add/cgi_upnp_edit of the file /cgi-bin/network_mgr.cgi. The manipulation leads to os command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/dxz0069/WAVLINK-WN530H4-Command-Injection-in-set_add_routing/blob/main/D-Link%20DNS-320%20network_mgr.cgi%20Multiple%20OS%20Command%20Injection%20Vulnerabilities.mdnvdExploitThird Party Advisory
- vuldb.com/submit/810078nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/362568nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/362568/ctinvdPermissions RequiredVDB Entry
- www.dlink.comnvdProduct
News mentions
0No linked articles in our index yet.