Zero Day MonitorZDM

← Back to list

4.7

CVE-2026-8271

d-link · dns-320

D-Link DNS-320 network_mgr.cgi cgi_upnp_edit os command injection

Description

A vulnerability was identified in D-Link DNS-320 2.06B01. The impacted element is the function cgi_speed/cgi_dhcpd_lease/cgi_ddns/cgi_set_ip/cgi_upnp_del/cgi_dhcpd/cgi_upnp_add/cgi_upnp_edit of the file /cgi-bin/network_mgr.cgi. The manipulation leads to os command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

Affected Products

Vendor	Product	Versions
d-link	dns-320	2.06B01

References

Related News (1 articles)

Tier C

VulDB16d ago

CVE-2026-8271 | D-Link DNS-320 2.06B01 /cgi-bin/network_mgr.cgi os command injection

→ No new info (linked only)

CVSS 3.14.7 NONE

CISA KEV❌ No

Actively exploited❌ No

CWECWE-78, CWE-77

PublishedMay 11, 2026

Last enriched15d ago

Trending Score5

Source articles1

Independent1

Info Completeness0/14

Missing: cve_id, title, description, vendor, product, versions, cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

NONECVE-2018-25358EXP

D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi

D-Link DSL2600U 'rom-0' Admin Password Disclosure

CRITICALCVE-2026-42376

D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials

NONECVE-2026-8346

D-Link DIR-816 portForward command injection

NONECVE-2026-8344

D-Link DIR-816 formDMZ.cgi sub_445E7C command injection

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

May 11, 2026

Discovered by ZDM

May 11, 2026