896 matches found
CVE-2026-2856
A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub424AFC of the file /boafrm/formFilter of the component Filter Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be...
CVE-2026-2855
A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit ha...
D-Link DWR-M960 安全漏洞
The D-Link DWR-M960 is a router produced by D-Link Corporation. The D-Link DWR-M960 version 1.01.07 has a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file /boafrm/formLteSetup, specifically the submit-url parameter. This could lead to a stack buff...
CVE-2026-2883
A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed an...
CVE-2026-2881
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...
CVE-2026-2853
A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated...
D-Link DWR-M960 安全漏洞
The D-Link DWR-M960 is a router produced by D-Link Corporation. The D-Link DWR-M960 version 1.01.07 has a security vulnerability. This vulnerability stems from the stack buffer overflow issue in the operation of the submit-url parameter in the sub427D74 function found in the /boafrm/formIpQoS fil...
CVE-2026-2854
A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the function sub4611CC of the file /boafrm/formNtp of the component NTP Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The...
CVE-2026-2855
CVE-2026-2855 affects D-Link DWR-M960 firmware version 1.01.07. The vulnerability stems from the function sub_4648F0 in the DDNS Settings Handler, specifically in the /boafrm/formDdns file. Manipulation of the submit-url argument can trigger a stack-based buffer overflow, enabling remote exploita...
CVE-2026-2854
A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the function sub4611CC of the file /boafrm/formNtp of the component NTP Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The...
CVE-2026-2853 D-Link DWR-M960 System Log Configuration Endpoint formSysLog sub_462E14 stack-based overflow
A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated...
CVE-2026-2853
A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated...
CVE-2026-2853
CVE-2026-2853 affects D-Link DWR-M960 firmware 1.01.07, specifically the System Log Configuration Endpoint’s function sub_462E14 in /boafrm/formSysLog. A manipulation of the submit-url argument causes a stack-based buffer overflow, with remote execution potential. The vulnerability is publicly ex...
CVE-2026-2218
A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...
CVE-2026-2260
A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin. The manipulation of the argument AdminID results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This...
CVE-2026-2260
CVE-2026-2260 affects D-Link DCS-931L firmware up to 1.13.0. The flaw resides in an unspecified aspect of /goform/setSysAdmin where manipulating AdminID triggers an OS command injection. It is remotely exploitable and the exploit is public, implying remote code execution with high impact in confi...
CVE-2026-2210
A vulnerability has been found in D-Link DIR-823X 250416. This affects the function sub4211C8 of the file /goform/setfiltering. Such manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2026-2210
CVE-2026-2210 affects D-Link DIR-823X (firmware 250416). The issue is in function sub_4211C8 of /goform/set_filtering, where input manipulation permits OS command injection. Exploitation can be remote over the network, and public disclosure of the exploit is noted. No patch/version details are pr...
PT-2026-7092
A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This...
CVE-2026-2168
A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...