Search
Search Results (4 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-1625 | 2 D-link, Dlink | 3 Dwr-961, Dwr-m961, Dwr-m961 Firmware | 2026-02-23 | 6.3 Medium |
| A vulnerability was detected in D-Link DWR-M961 1.1.47. The impacted element is the function sub_4250E0 of the file /boafrm/formSmsManage of the component SMS Message. Performing a manipulation of the argument action_value results in command injection. The attack may be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2026-1624 | 2 D-link, Dlink | 3 Dwr-961, Dwr-m961, Dwr-m961 Firmware | 2026-02-23 | 6.3 Medium |
| A security vulnerability has been detected in D-Link DWR-M961 1.1.47. The affected element is an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fota_url leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-1596 | 2 D-link, Dlink | 3 Dwr-m961, Dwr-m961, Dwr-m961 Firmware | 2026-02-23 | 6.3 Medium |
| A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fota_url causes command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. | ||||
| CVE-2025-3785 | 1 Dlink | 2 Dwr-m961, Dwr-m961 Firmware | 2025-07-16 | 8.8 High |
| A vulnerability has been found in D-Link DWR-M961 1.1.36 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formStaticDHCP of the component Authorization Interface. The manipulation of the argument Hostname leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.1.49 is able to address this issue. It is recommended to upgrade the affected component. | ||||
Page 1 of 1.