A vulnerability identified as critical has been detected in D-Link DNS-320 2.06B01 . The impacted element is the function cgi_speed/cgi_dhcpd_lease/cgi_ddns/cgi_set_ip/cgi_upnp_del/cgi_dhcpd/cgi_upnp_add/cgi_upnp_edit of the file /cgi-bin/network_mgr.cgi . The manipulation leads to os command injection. This vulnerability is uniquely identified as CVE-2026-8271 . The attack is possible to be carried out remotely. Moreover, an exploit is present.