CVE-2026-10878

A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...

CVE-2026-10878 D-Link DWR-M920 formSmsManage sub_41C8E8 command injection

A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...

CVE-2026-10878

The CVE concerns D-Link DWR-M920 firmware versions 1.1.50/1.1.70. The vulnerability is in the function sub_41C8E8 of /boafrm/formSmsManage, where manipulating the action_value argument results in a command injection. It is exploitable remotely, and the exploit is publicly available. No remediatio...

EUVD-2026-34775

A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument actionvalue results in command injection. The attack is possible to be carried out remotely. The exploit is now public and...

PT-2026-46838

A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub 41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument action value results in command injection. The attack is possible to be carried out remotely. The exploit is now public a...

CVE-2026-1625

A vulnerability was detected in D-Link DWR-M961 1.1.47. The impacted element is the function sub4250E0 of the file /boafrm/formSmsManage of the component SMS Message. Performing a manipulation of the argument actionvalue results in command injection. The attack may be initiated remotely. The...

CVE-2026-1625 D-Link DWR-M961 SMS Message formSmsManage sub_4250E0 command injection

A vulnerability was detected in D-Link DWR-M961 1.1.47. The impacted element is the function sub4250E0 of the file /boafrm/formSmsManage of the component SMS Message. Performing a manipulation of the argument actionvalue results in command injection. The attack may be initiated remotely. The...

D-Link DWR-M961 has a command injection vulnerability

The D-Link DWR-M961 is a router produced by D-Link Corporation. Version 1.1.47 of the D-Link DWR-M961 contains a command injection vulnerability. This vulnerability arises from incorrect operations on the parameter actionvalue in the file /boafrm/formSmsManage, which may lead to command injection...

PT-2026-5366

Name of the Vulnerable Software and Affected Versions D-Link DWR-M961 version 1.1.47 Description A flaw exists in the SMS Message component of D-Link DWR-M961 version 1.1.47. Specifically, the sub 4250E0 function within the /boafrm/formSmsManage file is susceptible to command injection. This occu...