Lucene search
K

896 matches found

RedhatCVE
RedhatCVE
added 2026/02/22 1:28 a.m.5 views

CVE-2026-2856

A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub424AFC of the file /boafrm/formFilter of the component Filter Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be...

9CVSS6.2AI score0.00642EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/22 1:28 a.m.5 views

CVE-2026-2855

A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit ha...

9CVSS6.3AI score0.0062EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/22 12:0 a.m.9 views

D-Link DWR-M960 安全漏洞

The D-Link DWR-M960 is a router produced by D-Link Corporation. The D-Link DWR-M960 version 1.01.07 has a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file /boafrm/formLteSetup, specifically the submit-url parameter. This could lead to a stack buff...

9CVSS7.7AI score0.00642EPSS
Exploits1References5
OSV
OSV
added 2026/02/21 8:16 p.m.3 views

CVE-2026-2883

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed an...

8.8CVSS6.5AI score0.00728EPSS
Exploits1References5
NVD
NVD
added 2026/02/21 8:16 p.m.8 views

CVE-2026-2881

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...

9CVSS0.00642EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.6 views

CVE-2026-2853

A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated...

9CVSS6.3AI score0.00863EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/21 12:0 a.m.8 views

D-Link DWR-M960 安全漏洞

The D-Link DWR-M960 is a router produced by D-Link Corporation. The D-Link DWR-M960 version 1.01.07 has a security vulnerability. This vulnerability stems from the stack buffer overflow issue in the operation of the submit-url parameter in the sub427D74 function found in the /boafrm/formIpQoS fil...

9CVSS7.4AI score0.00728EPSS
Exploits1References5
OSV
OSV
added 2026/02/20 8:25 p.m.7 views

CVE-2026-2854

A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the function sub4611CC of the file /boafrm/formNtp of the component NTP Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The...

8.8CVSS6.4AI score0.00642EPSS
Exploits1References5
CVE
CVE
added 2026/02/20 8:2 p.m.23 views

CVE-2026-2855

CVE-2026-2855 affects D-Link DWR-M960 firmware version 1.01.07. The vulnerability stems from the function sub_4648F0 in the DDNS Settings Handler, specifically in the /boafrm/formDdns file. Manipulation of the submit-url argument can trigger a stack-based buffer overflow, enabling remote exploita...

9CVSS8.7AI score0.0062EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/20 7:2 p.m.4 views

CVE-2026-2854

A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the function sub4611CC of the file /boafrm/formNtp of the component NTP Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The...

9CVSS6.2AI score0.00642EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/20 7:2 p.m.6 views

CVE-2026-2853 D-Link DWR-M960 System Log Configuration Endpoint formSysLog sub_462E14 stack-based overflow

A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated...

9CVSS8.9AI score0.00863EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/20 7:2 p.m.5 views

CVE-2026-2853

A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated...

9CVSS6.3AI score0.00863EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/02/20 7:2 p.m.13 views

CVE-2026-2853

CVE-2026-2853 affects D-Link DWR-M960 firmware 1.01.07, specifically the System Log Configuration Endpoint’s function sub_462E14 in /boafrm/formSysLog. A manipulation of the submit-url argument causes a stack-based buffer overflow, with remote execution potential. The vulnerability is publicly ex...

9CVSS8.8AI score0.00863EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/10 7:33 a.m.7 views

CVE-2026-2218

A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

8.8CVSS5.2AI score0.03796EPSS
Exploits1References1
OSV
OSV
added 2026/02/10 4:16 a.m.6 views

CVE-2026-2260

A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin. The manipulation of the argument AdminID results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This...

7.2CVSS5.6AI score0.04989EPSS
Exploits1References6
CVE
CVE
added 2026/02/10 3:2 a.m.10 views

CVE-2026-2260

CVE-2026-2260 affects D-Link DCS-931L firmware up to 1.13.0. The flaw resides in an unspecified aspect of /goform/setSysAdmin where manipulating AdminID triggers an OS command injection. It is remotely exploitable and the exploit is public, implying remote code execution with high impact in confi...

8.6CVSS5.4AI score0.04989EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/02/09 3:16 a.m.6 views

CVE-2026-2210

A vulnerability has been found in D-Link DIR-823X 250416. This affects the function sub4211C8 of the file /goform/setfiltering. Such manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

7.2CVSS5.5AI score0.03822EPSS
Exploits1References6
CVE
CVE
added 2026/02/09 2:2 a.m.21 views

CVE-2026-2210

CVE-2026-2210 affects D-Link DIR-823X (firmware 250416). The issue is in function sub_4211C8 of /goform/set_filtering, where input manipulation permits OS command injection. Exploitation can be remote over the network, and public disclosure of the exploit is noted. No patch/version details are pr...

8.6CVSS6.8AI score0.03822EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.14 views

PT-2026-7092

A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This...

5.8CVSS5.4AI score0.05877EPSS
Exploits1References6
NVD
NVD
added 2026/02/08 6:15 p.m.8 views

CVE-2026-2168

A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

8.8CVSS0.03252EPSS
Exploits1References5
Rows per page
Query Builder