Medium severity4.7NVD Advisory· Published May 11, 2026· Updated May 11, 2026
CVE-2026-8271
CVE-2026-8271
Description
A vulnerability was identified in D-Link DNS-320 2.06B01. The impacted element is the function cgi_speed/cgi_dhcpd_lease/cgi_ddns/cgi_set_ip/cgi_upnp_del/cgi_dhcpd/cgi_upnp_add/cgi_upnp_edit of the file /cgi-bin/network_mgr.cgi. The manipulation leads to os command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:o:dlink:dns-320_firmware:2.06b01:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5- github.com/dxz0069/WAVLINK-WN530H4-Command-Injection-in-set_add_routing/blob/main/D-Link%20DNS-320%20network_mgr.cgi%20Multiple%20OS%20Command%20Injection%20Vulnerabilities.mdnvdExploitThird Party Advisory
- vuldb.com/submit/810078nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/362568nvdThird Party AdvisoryVDB Entry
- vuldb.com/vuln/362568/ctinvdPermissions RequiredVDB Entry
- www.dlink.comnvdProduct
News mentions
0No linked articles in our index yet.