CVE-2026-2857 | D-Link DWR-M960 1.01.07 Port Forwarding Configuration Endpoint /boafrm/formPortFw sub_423E00 submit-url stack-based overflow

Inserito da Angelo Barbosa | Feb 20, 2026 | CVE

A vulnerability was found in D-Link DWR-M960 1.01.07. It has been rated as critical. Affected by this issue is the function sub_423E00 of the file /boafrm/formPortFw of the component Port Forwarding Configuration Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow.

This vulnerability is registered as CVE-2026-2857. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2026-2857 | D-Link DWR-M960 1.01.07 Port Forwarding Configuration Endpoint /boafrm/formPortFw sub_423E00 submit-url stack-based overflow

Post correlati

CVE-2023-49274 | Umbraco CMS up to 8.18.9 Reset Password information disclosure (GHSA-8qp8-9rpw-j46c)

CVE-2025-41729 | Janitza UMG 96-PA/UMG 96-PA-MID+ up to 3.53 Modbus improper validation of specified type of input (VDE-2025-094)

CVE-2025-1627 | Qode Interactive Qi Blocks Plugin up to 1.3 on WordPress Block Option cross site scripting

CVE-2024-26154 | ETIC Telecom Remote Access Server RAS up to 4.4.x Web Server cross site scripting (icsa-22-307-01)