CVE-2026-8273 | D-Link DNS-320 2.06B01 /cgi-bin/system_mgr.cgi os command injection

Inserito da Angelo Barbosa | Mag 10, 2026 | CVE

A vulnerability marked as critical has been reported in D-Link DNS-320 2.06B01. This impacts the function cgi_set_host/cgi_set_ntp/cgi_fan_control/cgi_merge_user of the file /cgi-bin/system_mgr.cgi. This manipulation causes os command injection.

The identification of this vulnerability is CVE-2026-8273. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-8273 | D-Link DNS-320 2.06B01 /cgi-bin/system_mgr.cgi os command injection

Post correlati

CVE-2024-3481 | Counter Box Plugin up to 1.2.3 on WordPress cross-site request forgery

CVE-2024-2378 | Hitachi Energy SDM600 prior 1.3.4.572 Web-Authentication authorization

CVE-2024-8782 | JFinalCMS up to 1.0 /admin/template/edit delete name path traversal (IAOSJG)

CVE-2026-2537 | Comfast CF-E4 2.6.0.1 HTTP POST Request mbox-config?method=SET&section=ntp_timezone timestr command injection