59 matches found
CVE-2026-11339
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...
CVE-2026-11339
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...
EUVD-2026-34860
A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2026-11341
A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2026-11341 D-Link DWR-M920 formIMEISetup sub_412DA0 os command injection
A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2026-11339 D-Link DWR-M920 formUSSDSetup sub_41CF20 command injection
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...
CVE-2026-11339
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...
CVE-2026-10878
A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...
CVE-2026-10878
A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...
CVE-2026-10878
Summary of vulnerability : CVE-2026-10878 affects D-Link DWR-M920 firmware versions 1.1.50 and 1.1.70. The issue resides in the function sub_41C8E8 of /boafrm/formSmsManage, where manipulation of the argument action_value leads to a command injection . The vulnerability enables remote exploitatio...
PT-2026-47006
A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub 412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEI value causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...
D-Link DWR-M920 命令注入漏洞
The D-Link DWR-M920 is a router produced by D-Link Corporation. Versions 1.1.50 and 1.1.70 of the D-Link DWR-M920 contain command injection vulnerabilities. These vulnerabilities stem from improper handling of the actionvalue parameter in the sub41C8E8 function found in the /boafrm/formSmsManage...
PT-2026-46838
A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub 41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument action value results in command injection. The attack is possible to be carried out remotely. The exploit is now public a...
PT-2026-46978
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub 41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may...
D-Link DWR-M920 sub_423848 function buffer overflow vulnerability
The D-Link DWR-M920 is a 4GLTE wireless router manufactured by Youxun D-Link. The D-Link DWR-M920 suffers from a buffer overflow vulnerability that stems from the incorrect manipulation of the parameter submit-url in the function sub423848 in the file /boafrm/formParentControl, for which no...
D-Link DWR-M920 Command Injection Vulnerability
The D-Link DWR-M920 is a 4GLTE wireless router manufactured by Youxun D-Link. The D-Link DWR-M920 suffers from a command injection vulnerability that stems from the incorrect manipulation of the parameter fotaurl in the function sub4155B4 in the file /boafrm/formLtefotaUpgradeFibocom, for which n...
CVE-2025-15193
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub423848 of the file /boafrm/formParentControl. Performing manipulation of the argument submit-url results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and...
CVE-2025-15192
A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fotaurl leads to command injection. The attack can be executed remotely. The exploit has been...
CVE-2025-15190
A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is the function sub42261C of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public...
EUVD-2025-205577
A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is the function sub42261C of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public...