CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-8271

A vulnerability was identified in D-Link DNS-320 2.06B01. The impacted element is the function cgi_speed/cgi_dhcpd_lease/cgi_ddns/cgi_set_ip/cgi_upnp_del/cgi_dhcpd/cgi_upnp_add/cgi_upnp_edit of the file /cgi-bin/network_mgr.cgi. The manipulation leads to os command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.9%

CVSS Severity

CVSS v3 Score 4.7

CVSS v2 Score 5.8

References

https://github.com/dxz0069/WAVLINK-WN530H4-Command-Injection-in-set_add_routing/blob/main/D-Link%20DNS-320%20network_mgr.cgi%20Multiple%20OS%20Command%20Injection%20Vulnerabilities.md
https://vuldb.com/submit/810078
https://vuldb.com/vuln/362568
https://vuldb.com/vuln/362568/cti
https://www.dlink.com/

Products affected by CVE-2026-8271

Dlink » Dns-320 » Version: N/A

cpe:2.3:h:dlink:dns-320:-
Dlink » Dns-320 Firmware » Version: 2.06b01

cpe:2.3:o:dlink:dns-320_firmware:2.06b01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8271

Products

Pricing

Contact Us