5 matches found
CVE-2026-2168
D-Link DWR-M921 (firmware 1.1.50) is affected by CVE-2026-2168. The vulnerability lies in the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel, where manipulation of the fota_url argument enables command injection. The issue can be exploited remotely and an exploit has been publi...
CVE-2026-1596
A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. The attack is possible to be carried out remotely. The exploit has been published a...
CVE-2026-1596
The CVE-2026-1596 entry affects D-Link DWR-M961 firmware 1.1.47, specifically the function sub_419920 in /boafrm/formLtefotaUpgradeQuectel. The vulnerability arises from manipulation of the fota_url argument, enabling remote command injection. Public exploitations exist, indicating potential in-t...
CVE-2026-1596 D-Link DWR-M961 formLtefotaUpgradeQuectel sub_419920 command injection
A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. The attack is possible to be carried out remotely. The exploit has been published a...
The vulnerability of the formLtefotaUpgradeQuectel function in the microprogrammed routing software of Edimax BR-6478AC allows a hacker to execute arbitrary code.
The vulnerability of the formLtefotaUpgradeQuectel function in the microprogrammed routing software of Edimax BR-6478AC is related to the failure to take measures to neutralize special elements used in the operating system’s processing of the fotaurl parameter. Exploiting this vulnerability allow...