6 matches found
EUVD-2026-34859
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...
EUVD-2026-5780
A vulnerability has been found in D-Link DWR-M921 1.1.50. This impacts an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...
D-Link DWR-M921 命令注入漏洞
The D-Link DWR-M921 is a router produced by D-Link Corporation. Version 1.1.50 of the D-Link DWR-M921 contains a command injection vulnerability. This vulnerability arises from incorrect operations on the parameter usdValue in the sub419F20 function of the USSD Configuration Endpoint...
EUVD-2025-205586
A weakness has been identified in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub4155B4 of the file /boafrm/formLtefotaUpgradeFibocom. This manipulation of the argument fotaurl causes command injection. Remote exploitation of the attack is possible. The exploit has been mad...
CVE-2025-15192
A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fotaurl leads to command injection. The attack can be executed remotely. The exploit has been...
PT-2025-53718
Name of the Vulnerable Software and Affected Versions D-Link DWR-M920 versions up to 1.1.50 Description A flaw exists in D-Link DWR-M920 devices running versions up to 1.1.50. This issue involves the manipulation of the fota url argument within the sub 4155B4 function located in the file...