16 matches found
CVE-2026-2168
A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...
CVE-2026-2169
A vulnerability has been found in D-Link DWR-M921 1.1.50. This impacts an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...
CVE-2026-2169
A vulnerability has been found in D-Link DWR-M921 1.1.50. This impacts an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...
CVE-2026-2169
CVE-2026-2169 affects the D-Link DWR‑M921 (firmware 1.1.50). The vulnerability resides in the /boafrm/formLtefotaUpgradeFibocom component where manipulation of the fota_url argument enables command injection. It allows remote exploitation and has been publicly disclosed. Public documents do not p...
CVE-2026-2169
A vulnerability has been found in D-Link DWR-M921 1.1.50. This impacts an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...
EUVD-2026-5781
A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...
CVE-2026-2168 D-Link DWR-M921 formLtefotaUpgradeQuectel sub_419920 command injection
A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...
PT-2026-7002
Name of the Vulnerable Software and Affected Versions D-Link DWR-M921 version 1.1.50 Description A flaw exists in D-Link DWR-M921 version 1.1.50 that allows for command injection. The issue stems from manipulating the fota url argument within the file /boafrm/formLtefotaUpgradeFibocom. This...
D-Link DWR-M921 命令注入漏洞
The D-Link DWR-M921 is a router produced by D-Link Corporation. Version 1.1.50 of the D-Link DWR-M921 contains a command injection vulnerability. This vulnerability arises from incorrect handling of the parameter fotaurl in the file /boafrm/formLtefotaUpgradeQuectel, which may lead to command...
CVE-2026-2085
A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulation of the argument ussdValue leads to command injection. The attack can be initiated remotely. The...
CVE-2026-2085 D-Link DWR-M921 USSD Configuration Endpoint formUSSDSetup sub_419F20 command injection
A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulation of the argument ussdValue leads to command injection. The attack can be initiated remotely. The...
CVE-2026-2085
A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulation of the argument ussdValue leads to command injection. The attack can be initiated remotely. The...
PT-2026-6903
Name of the Vulnerable Software and Affected Versions D-Link DWR-M921 version 1.1.50 Description A security issue exists in D-Link DWR-M921 version 1.1.50 related to command injection. The issue is located in the USSD Configuration component, specifically within the sub 419F20 function of the...
CVE-2025-13306
A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to command injection. Remote exploitation of the attack is possible. The...
CVE-2025-13304
A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation of the argument host results in buffer overflow. The attack may be initiated...
PT-2025-47224
Name of the Vulnerable Software and Affected Versions D-Link DWR-M920 D-Link DWR-M921 D-Link DWR-M960 D-Link DIR-822K D-Link DIR-825M version 1.01.07 Description A buffer overflow issue exists in D-Link routers due to improper handling of the host argument when processing the file...