Lucene search
K

59 matches found

RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.13 views

CVE-2026-11339

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

8.8CVSS5.4AI score0.03133EPSS
Exploits1References1
NVD
NVD
added 2026/06/05 5:16 p.m.32 views

CVE-2026-11339

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

8.8CVSS0.03133EPSS
Exploits1References6
EUVD
EUVD
added 2026/06/05 4:45 p.m.11 views

EUVD-2026-34860

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS6.3AI score0.01044EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/05 4:45 p.m.7 views

CVE-2026-11341

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS6.3AI score0.01044EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/05 4:45 p.m.40 views

CVE-2026-11341 D-Link DWR-M920 formIMEISetup sub_412DA0 os command injection

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS0.01044EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/05 4:30 p.m.53 views

CVE-2026-11339 D-Link DWR-M920 formUSSDSetup sub_41CF20 command injection

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

6.5CVSS0.03133EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/06/05 4:30 p.m.10 views

CVE-2026-11339

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

6.5CVSS6.4AI score0.03133EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2026/06/05 12:16 a.m.9 views

CVE-2026-10878

A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...

8.8CVSS0.04236EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/06/05 12:0 a.m.8 views

CVE-2026-10878

A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...

8.8CVSS6.4AI score0.04236EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/06/05 12:0 a.m.31 views

CVE-2026-10878

Summary of vulnerability : CVE-2026-10878 affects D-Link DWR-M920 firmware versions 1.1.50 and 1.1.70. The issue resides in the function sub_41C8E8 of /boafrm/formSmsManage, where manipulation of the argument action_value leads to a command injection . The vulnerability enables remote exploitatio...

8.8CVSS6.5AI score0.04236EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.18 views

PT-2026-47006

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub 412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEI value causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS6.3AI score0.01044EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

D-Link DWR-M920 命令注入漏洞

The D-Link DWR-M920 is a router produced by D-Link Corporation. Versions 1.1.50 and 1.1.70 of the D-Link DWR-M920 contain command injection vulnerabilities. These vulnerabilities stem from improper handling of the actionvalue parameter in the sub41C8E8 function found in the /boafrm/formSmsManage...

8.8CVSS6.5AI score0.04236EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.18 views

PT-2026-46838

A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub 41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument action value results in command injection. The attack is possible to be carried out remotely. The exploit is now public a...

6.5CVSS6.5AI score0.04236EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.34 views

PT-2026-46978

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub 41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may...

6.5CVSS6.4AI score0.03133EPSS
Exploits1References7
CNVD
CNVD
added 2026/01/14 12:0 a.m.4 views

D-Link DWR-M920 sub_423848 function buffer overflow vulnerability

The D-Link DWR-M920 is a 4GLTE wireless router manufactured by Youxun D-Link. The D-Link DWR-M920 suffers from a buffer overflow vulnerability that stems from the incorrect manipulation of the parameter submit-url in the function sub423848 in the file /boafrm/formParentControl, for which no...

9CVSS6AI score0.00693EPSS
Exploits1References1
CNVD
CNVD
added 2026/01/14 12:0 a.m.6 views

D-Link DWR-M920 Command Injection Vulnerability

The D-Link DWR-M920 is a 4GLTE wireless router manufactured by Youxun D-Link. The D-Link DWR-M920 suffers from a command injection vulnerability that stems from the incorrect manipulation of the parameter fotaurl in the function sub4155B4 in the file /boafrm/formLtefotaUpgradeFibocom, for which n...

8.8CVSS5.9AI score0.03443EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/30 3:7 p.m.6 views

CVE-2025-15193

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub423848 of the file /boafrm/formParentControl. Performing manipulation of the argument submit-url results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and...

9CVSS7AI score0.00693EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/30 3:7 p.m.8 views

CVE-2025-15192

A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fotaurl leads to command injection. The attack can be executed remotely. The exploit has been...

8.8CVSS6.9AI score0.03443EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/30 2:5 p.m.7 views

CVE-2025-15190

A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is the function sub42261C of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public...

9CVSS7.1AI score0.00693EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/29 3:30 p.m.6 views

EUVD-2025-205577

A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is the function sub42261C of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public...

9CVSS6.7AI score0.00693EPSS
Exploits1References7
Rows per page
Query Builder