14 matches found
CVE-2026-2168
A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...
CVE-2026-2169
A vulnerability has been found in D-Link DWR-M921 1.1.50. This impacts an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...
CVE-2026-2169
CVE-2026-2169 affects the D-Link DWR‑M921 (firmware 1.1.50). The vulnerability resides in the /boafrm/formLtefotaUpgradeFibocom component where manipulation of the fota_url argument enables command injection. It allows remote exploitation and has been publicly disclosed. Public documents do not p...
CVE-2026-2168
D-Link DWR-M921 (firmware 1.1.50) is affected by CVE-2026-2168. The vulnerability lies in the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel, where manipulation of the fota_url argument enables command injection. The issue can be exploited remotely and an exploit has been publi...
EUVD-2026-5781
A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...
D-Link DWR-M921 命令注入漏洞
The D-Link DWR-M921 is a router produced by D-Link Corporation. Version 1.1.50 of the D-Link DWR-M921 contains a command injection vulnerability. This vulnerability arises from incorrect handling of the parameter fotaurl in the file /boafrm/formLtefotaUpgradeQuectel, which may lead to command...
D-Link DWR-M921 命令注入漏洞
The D-Link DWR-M921 is a router produced by D-Link Corporation. Version 1.1.50 of the D-Link DWR-M921 contains a command injection vulnerability. This vulnerability arises from incorrect handling of parameters in the file /boafrm/formLtefotaUpgradeFibocom, specifically the parameter fotaurl, whic...
CVE-2026-1624
A security vulnerability has been detected in D-Link DWR-M961 1.1.47. The affected element is an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. The attack can be launched remotely. The exploit has been disclose...
CVE-2026-1624 D-Link DWR-M961 formLtefotaUpgradeFibocom command injection
A security vulnerability has been detected in D-Link DWR-M961 1.1.47. The affected element is an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. The attack can be launched remotely. The exploit has been disclose...
CVE-2026-1624 D-Link DWR-M961 formLtefotaUpgradeFibocom command injection
A security vulnerability has been detected in D-Link DWR-M961 1.1.47. The affected element is an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. The attack can be launched remotely. The exploit has been disclose...
CVE-2026-1596
A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. The attack is possible to be carried out remotely. The exploit has been published a...
CVE-2026-1596 D-Link DWR-M961 formLtefotaUpgradeQuectel sub_419920 command injection
A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. The attack is possible to be carried out remotely. The exploit has been published a...
CVE-2025-15192
A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fotaurl leads to command injection. The attack can be executed remotely. The exploit has been...
CVE-2025-15192 D-Link DWR-M920 formLtefotaUpgradeQuectel sub_415328 command injection
A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fotaurl leads to command injection. The attack can be executed remotely. The exploit has been...