VYPR

Dwr M961 Firmware

by Dlink

CVEs (3)

  • CVE-2026-1625MedJan 29, 2026
    risk 0.41cvss 6.3epss 0.03

    A vulnerability was detected in D-Link DWR-M961 1.1.47. The impacted element is the function sub_4250E0 of the file /boafrm/formSmsManage of the component SMS Message. Performing a manipulation of the argument action_value results in command injection. The attack may be…

  • CVE-2026-1624MedJan 29, 2026
    risk 0.41cvss 6.3epss 0.03

    A security vulnerability has been detected in D-Link DWR-M961 1.1.47. The affected element is an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fota_url leads to command injection. The attack can be launched remotely. The…

  • CVE-2026-1596MedJan 29, 2026
    risk 0.41cvss 6.3epss 0.02

    A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fota_url causes command injection. The attack is possible to be carried out remotely. The exploit…