CVE-2026-2855 | D-Link DWR-M960 1.01.07 DDNS Settings /boafrm/formDdns sub_4648F0 submit-url stack-based overflow

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability was found in D-Link DWR-M960 1.01.07. It has been classified as critical. Affected is the function sub_4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow.

This vulnerability is listed as CVE-2026-2855. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2026-2855 | D-Link DWR-M960 1.01.07 DDNS Settings /boafrm/formDdns sub_4648F0 submit-url stack-based overflow

Post correlati

CVE-2025-49547 | Adobe Experience Manager up to 11.4 cross site scripting (apsb25-68)

CVE-2023-50885 | Store Locator Plugin up to 1.4.14 on WordPress path traversal

CVE-2024-10325 | Elementor Header & Footer Builder Plugin up to 1.6.45 on WordPress SVG File Upload cross site scripting

CVE-2024-47780 | TYPO3 up to 10.4.45/11.5.39/12.4.20/13.3.0 authorization (GHSA-rf5m-h8q9-9w6q)