Zero Day MonitorZDM

← Back to list

6.3

CVE-2026-8344

d-link · dir-816

D-Link DIR-816 formDMZ.cgi sub_445E7C command injection

Description

A weakness has been identified in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this vulnerability is the function sub_445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.

Affected Products

Vendor	Product	Versions
d-link	dir-816	1.10CNB05_R1B011D88210

References

Related News (1 articles)

Tier C

VulDB15d ago

CVE-2026-8344 | D-Link DIR-816 1.10CNB05_R1B011D88210 /goform/formDMZ.cgi sub_445E7C command injection

→ No new info (linked only)

CVSS 3.16.3 NONE

CISA KEV❌ No

Actively exploited❌ No

CWECWE-77, CWE-74

PublishedMay 11, 2026

Last enriched14d ago

Trending Score5

Source articles1

Independent1

Info Completeness4/14

Missing: vendor, product, versions, cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

NONECVE-2018-25358EXP

D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi

D-Link DSL2600U 'rom-0' Admin Password Disclosure

NONECVE-2026-8271

D-Link DNS-320 network_mgr.cgi cgi_upnp_edit os command injection

CRITICALCVE-2026-42376

D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials

NONECVE-2026-8346

D-Link DIR-816 portForward command injection

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Vulnerability Timeline

CVE Published

May 11, 2026

Discovered by ZDM

May 12, 2026