5 matches found
CVE-2026-11341
The CVE-2026-11341 affects the D-Link DWR-M920 series up to firmware 1.1.50. The vulnerability is in the function sub_412DA0 of /boafrm/formIMEISetup, where improper handling of the IMEI_value enables an OS command injection. What is vulnerable: the specific function and file path in the device’s...
CVE-2026-10878 D-Link DWR-M920 formSmsManage sub_41C8E8 command injection
A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...
CVE-2025-15193 D-Link DWR-M920 formParentControl sub_423848 buffer overflow
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub423848 of the file /boafrm/formParentControl. Performing manipulation of the argument submit-url results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and...
CVE-2025-13553 D-Link DWR-M920 formPinManageSetup sub_41C7FC buffer overflow
A weakness has been identified in D-Link DWR-M920 1.1.50. This affects the function sub41C7FC of the file /boafrm/formPinManageSetup. This manipulation of the argument submit-url causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the...
PT-2025-47212
Name of the Vulnerable Software and Affected Versions D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961, and DIR-825M versions 1.01.07 through 1.1.47 Description A security issue has been identified in D-Link routers, specifically affecting the models DWR-M920, DWR-M921, DWR-M960, DWR-M961, and...