D-Link DWR-M960 formDdns File Buffer Overflow Vulnerability

The D-Link DWR-M960 is a router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DWR-M960 formDdns file. The vulnerability stems from a misbehavior of the function sub4648F0 in the file /boafrm/formDdns in the DDNS Settings Handler component with respect to the...

CVE-2026-2960

A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and...

CVE-2026-2959

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit i...

CVE-2026-2962

A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may b...

CVE-2026-2958

A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub457C5C of the file /boafrm/formWsc. Such manipulation of the argument saveapply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and...

CVE-2026-2961

A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried...

CVE-2026-2928

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched...

CVE-2026-2929

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is...

CVE-2026-2927

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub462590 of the file /boafrm/formOpMode of the component Operation Mode Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be...

CVE-2026-2926

A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The...

CVE-2026-2881

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...

CVE-2026-2882

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub46385C of the file /boafrm/formDosCfg. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made...

CVE-2026-2883

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed an...

CVE-2026-2885

A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted element is the function sub469104 of the file /boafrm/formIpv6Setup. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been...

CVE-2026-2884

A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible...

CVE-2026-2960

A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and...

CVE-2026-2961

A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried...

CVE-2026-2962

A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may b...

CVE-2026-2962

A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may b...

CVE-2026-2960

A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and...