Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04 allows malicious users to run arbitrary commands via the urlAdd parameter.