CVE-2026-8344 PUBLISHED

A weakness has been identified in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this vulnerability is the function sub_445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.

• stksgg (VulDB User) reporter

• VDB-362660 | D-Link DIR-816 formDMZ.cgi sub_445E7C command injection
• VDB-362660 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #811378 | D-Link DIR 878 DIR-816A2_FWv1.10CNB05_R1B011D88210.img Command Injection
• https://github.com/lipenghai/iot_bug/blob/main/D-Link/DIR816/1.md
• https://www.dlink.com/

• Command Injection CWE
• Injection CWE