CVE-2025-15191
CVE-2025-15191 affects D-Link DWR-M920 devices ≤ 1.1.50. The issue is a command injection in the function sub_4155B4 of /boafrm/formLtefotaUpgradeFibocom caused by manipulated fota_url, enabling remote exploitation. Public PoCs/exploits exist. Remediation in public advisories recommends upgrading...