CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

40 matches found

RedhatCVE•added 2026/01/31 3:19 a.m.•6 views

CVE-2026-1624

A security vulnerability has been detected in D-Link DWR-M961 1.1.47. The affected element is an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. The attack can be launched remotely. The exploit has been disclose...

8.8CVSS5.7AI score0.02336EPSS

Exploits0References1

RedhatCVE•added 2026/01/31 3:19 a.m.•13 views

CVE-2026-1625

A vulnerability was detected in D-Link DWR-M961 1.1.47. The impacted element is the function sub4250E0 of the file /boafrm/formSmsManage of the component SMS Message. Performing a manipulation of the argument actionvalue results in command injection. The attack may be initiated remotely. The...

8.8CVSS5.7AI score0.02336EPSS

Exploits0References1

RedhatCVE•added 2026/01/30 3:40 p.m.•5 views

CVE-2026-1596

A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. The attack is possible to be carried out remotely. The exploit has been published a...

8.8CVSS5.6AI score0.01648EPSS

Exploits0References1

EUVD•added 2026/01/30 12:31 a.m.•5 views

EUVD-2026-4938

6.5CVSS5.7AI score0.02336EPSS

Exploits0References6

EUVD•added 2026/01/30 12:31 a.m.•6 views

EUVD-2026-4939

6.5CVSS5.7AI score0.02336EPSS

Exploits0References6

OSV•added 2026/01/29 10:15 p.m.•2 views

CVE-2026-1625

8.8CVSS5.7AI score0.02336EPSS

Exploits0References5

OSV•added 2026/01/29 10:15 p.m.•2 views

CVE-2026-1624

8.8CVSS5.6AI score

Exploits0References5

NVD•added 2026/01/29 10:15 p.m.•7 views

CVE-2026-1624

8.8CVSS0.02336EPSS

Exploits0References5

Cvelist•added 2026/01/29 10:2 p.m.•33 views

CVE-2026-1625 D-Link DWR-M961 SMS Message formSmsManage sub_4250E0 command injection

6.5CVSS0.02336EPSS

Exploits0References5

ATTACKERKB•added 2026/01/29 10:2 p.m.•4 views

CVE-2026-1625

6.5CVSS5.7AI score0.02336EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/01/29 10:2 p.m.•4 views

CVE-2026-1625 D-Link DWR-M961 SMS Message formSmsManage sub_4250E0 command injection

6.5CVSS5.2AI score0.02336EPSS

Exploits0References5

CVE•added 2026/01/29 10:2 p.m.•13 views

CVE-2026-1625

CVE-2026-1625 affects D-Link DWR-M961 firmware 1.1.47. The vulnerability is in the SMS Message component, specifically sub_4250E0 in /boafrm/formSmsManage, where manipulating the action_value argument leads to command injection. The attack can be initiated remotely and an exploit is public. The c...

8.8CVSS5.7AI score0.02336EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/01/29 10:2 p.m.•22 views

CVE-2026-1624 D-Link DWR-M961 formLtefotaUpgradeFibocom command injection

6.5CVSS0.02336EPSS

Exploits0References5

ATTACKERKB•added 2026/01/29 10:2 p.m.•8 views

CVE-2026-1624

6.5CVSS5.7AI score0.02336EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/01/29 10:2 p.m.•5 views

CVE-2026-1624 D-Link DWR-M961 formLtefotaUpgradeFibocom command injection

6.5CVSS5.3AI score0.02336EPSS

Exploits0References5

CVE•added 2026/01/29 10:2 p.m.•11 views

CVE-2026-1624

The data confirms a concrete vulnerability in D-Link DWR-M961 v1.1.47 affecting an unknown function in /boafrm/formLtefotaUpgradeFibocom. Manipulation of the argument fota_url enables command injection, with remote exploitation and publicly disclosed exploit information. No remediation details or...

8.8CVSS5.7AI score0.02336EPSS

Exploits0References5Affected Software1

OSV•added 2026/01/29 4:16 p.m.•4 views

CVE-2026-1596

8.8CVSS5.6AI score0.01648EPSS

Exploits0References5

NVD•added 2026/01/29 4:16 p.m.•7 views

CVE-2026-1596

8.8CVSS0.01648EPSS

Exploits0References5

Cvelist•added 2026/01/29 3:32 p.m.•33 views

CVE-2026-1596 D-Link DWR-M961 formLtefotaUpgradeQuectel sub_419920 command injection