D-Link DWR-M960 安全漏洞

The D-Link DWR-M960 is a router produced by D-Link Corporation. Version 1.01.07 of the D-Link DWR-M960 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters submitted by the function sub4196C4 in the component VPN Configuration Endpoint, specifically...

Buffer Access with Incorrect Length Value

Overview Affected versions of this package are vulnerable to Buffer Access with Incorrect Length Value via the readSeparateStripsIntoBuffer function in tiffcrop component. A process can crash on malformed TIFF directory that triggers a stack overflow. Remediation Upgrade libtiff to version 4.7.1 ...

CVE-2026-2959

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit i...

CVE-2026-2959 D-Link DWR-M960 formNewSchedule sub_44E0F8 stack-based overflow

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit i...

CVE-2026-2959

This CVE concerns the D-Link DWR-M960 (firmware 1.01.07). The vulnerability affects the function sub_44E0F8 in the file /boafrm/formNewSchedule; manipulating the argument url triggers a stack-based buffer overflow. It is a remote, network-attackable issue with high impact on confidentiality, inte...

CVE-2026-2959 D-Link DWR-M960 formNewSchedule sub_44E0F8 stack-based overflow

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit i...

CVE-2026-2958

A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub457C5C of the file /boafrm/formWsc. Such manipulation of the argument saveapply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and...

CVE-2026-2958 D-Link DWR-M960 formWsc sub_457C5C stack-based overflow

A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub457C5C of the file /boafrm/formWsc. Such manipulation of the argument saveapply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and...

CVE-2026-2958

CVE-2026-2958 (D-Link DWR‑M960) affects firmware version 1.01.07. The vulnerability is in the function sub_457C5C of the file /boafrm/formWsc, where manipulating the argument save_apply triggers a stack-based buffer overflow. Exploitation is feasible remotely and has been publicly disclosed. The ...

CVE-2026-2958 D-Link DWR-M960 formWsc sub_457C5C stack-based overflow

A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub457C5C of the file /boafrm/formWsc. Such manipulation of the argument saveapply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and...

CVE-2026-2870

A security flaw has been discovered in Tenda A21 1.0.0.0. Affected by this issue is the function setqosMiblist of the file /goform/formSetQosBand. The manipulation of the argument list results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to th...

CVE-2026-2876

A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parsemacfilterrule of the file /goform/setBlackRule. This manipulation of the argument deviceList causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed an...

CVE-2026-2930 Tenda A18 Httpd Service UploadCfg webCgiGetUploadFile stack-based overflow

A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow. The attack can be executed remotely. Th...

CVE-2026-2930 Tenda A18 Httpd Service UploadCfg webCgiGetUploadFile stack-based overflow

A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow. The attack can be executed remotely. Th...

CVE-2026-2930

CVE-2026-2930 affects Tenda A18 firmware 15.13.07.13. The vulnerability is in the Httpd Service, specifically the function webCgiGetUploadFile in /cgi-bin/UploadCfg, where improper argument boundary handling causes a stack-based buffer overflow. Exploitation can be performed remotely, and public ...

CVE-2026-2929

CVE-2026-2929 affects D-Link DWR-M960 router (version 1.01.07). It targets the Wireless Access Control Endpoint, specifically the sub_453140 function in /boafrm/formWlAc. Manipulating the submit-url argument triggers a stack-based buffer overflow, with remote code execution possible. Public explo...

CVE-2026-2929 D-Link DWR-M960 Wireless Access Control Endpoint formWlAc sub_453140 stack-based overflow

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is...

CVE-2026-2929

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is...

CVE-2026-2929 D-Link DWR-M960 Wireless Access Control Endpoint formWlAc sub_453140 stack-based overflow

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is...

CVE-2026-2928

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched...