CVE-2026-11339
- EPSS 3.13%
- Veröffentlicht 05.06.2026 16:30:11
- Zuletzt bearbeitet 09.06.2026 16:17:35
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the att...
CVE-2026-10878
- EPSS 4.24%
- Veröffentlicht 05.06.2026 00:00:17
- Zuletzt bearbeitet 05.06.2026 16:48:39
A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub_41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument action_value results in command injection. The attack is possible to be ca...
CVE-2025-15193
- EPSS 0.69%
- Veröffentlicht 29.12.2025 15:02:08
- Zuletzt bearbeitet 30.12.2025 20:41:56
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub_423848 of the file /boafrm/formParentControl. Performing manipulation of the argument submit-url results in buffer overflow. The attack is possible to be carr...
CVE-2025-15192
- EPSS 3.44%
- Veröffentlicht 29.12.2025 14:32:08
- Zuletzt bearbeitet 29.04.2026 01:00:01
A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fota_url leads to command injection. The atta...
CVE-2025-15191
- EPSS 3.44%
- Veröffentlicht 29.12.2025 14:15:56
- Zuletzt bearbeitet 29.04.2026 01:00:01
A weakness has been identified in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_4155B4 of the file /boafrm/formLtefotaUpgradeFibocom. This manipulation of the argument fota_url causes command injection. Remote exploitation of...
CVE-2025-15190
- EPSS 0.69%
- Veröffentlicht 29.12.2025 13:32:08
- Zuletzt bearbeitet 30.12.2025 20:41:18
A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is the function sub_42261C of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in stack-based buffer overflow. The attack may be launched remot...
CVE-2025-15189
- EPSS 0.69%
- Veröffentlicht 29.12.2025 13:15:41
- Zuletzt bearbeitet 30.12.2025 20:40:55
A vulnerability was identified in D-Link DWR-M920 up to 1.1.50. This issue affects the function sub_464794 of the file /boafrm/formDefRoute. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. T...
- EPSS 0.63%
- Veröffentlicht 23.11.2025 14:15:46
- Zuletzt bearbeitet 26.11.2025 17:22:51
A weakness has been identified in D-Link DWR-M920 1.1.50. This affects the function sub_41C7FC of the file /boafrm/formPinManageSetup. This manipulation of the argument submit-url causes buffer overflow. It is possible to initiate the attack remotely...
- EPSS 0.68%
- Veröffentlicht 23.11.2025 13:32:06
- Zuletzt bearbeitet 02.12.2025 03:31:48
A security flaw has been discovered in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The impacted element is an unknown function of the file /boafrm/formWlEncrypt. The manipulation of the argument submit-url results in buffer overflow. The...
- EPSS 0.68%
- Veröffentlicht 23.11.2025 13:15:47
- Zuletzt bearbeitet 02.12.2025 03:31:56
A vulnerability was identified in D-Link DIR-822K and DWR-M920 1.00_20250513164613/1.1.50. The affected element is an unknown function of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. The a...