PT-2026-39572 · D Link · Dns-320

St4R

·

Published

2026-05-11

·

Updated

2026-05-11

·

CVE-2026-8273

CVSS v2.0

5.8

Medium

VectorAV:N/AC:L/Au:M/C:P/I:P/A:P
A weakness has been identified in D-Link DNS-320 2.06B01. This impacts the function cgi set host/cgi set ntp/cgi fan control/cgi merge user of the file /cgi-bin/system mgr.cgi. This manipulation causes os command injection. It is possible to initiate the attack remotely.

Fix

OS Command Injection

Command Injection

Weakness Enumeration

CWE-78CWE-77

Related Identifiers

CVE-2026-8273

Affected Products

Dns-320