CVE-2026-2169 | D-Link DWR-M921 1.1.50 formLtefotaUpgradeFibocom fota_url command injection

Inserito da Angelo Barbosa | Feb 7, 2026 | CVE

A vulnerability categorized as critical has been discovered in D-Link DWR-M921 1.1.50. This impacts an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fota_url leads to command injection.

This vulnerability is referenced as CVE-2026-2169. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2026-2169 | D-Link DWR-M921 1.1.50 formLtefotaUpgradeFibocom fota_url command injection

Post correlati

CVE-2025-21040 | Samsung S Assistant up to 9.3.1 intent by broadcast receiver

Highfivery Zero Spam Plugin sql injection

CVE-2024-44205 | Apple macOS log file

CVE-2024-6234 | Red Hat Ansible Automation Platform EDA Server information disclosure