CVE-2026-11341 | D-Link DWR-M920 up to 1.1.50 /boafrm/formIMEISetup sub_412DA0 IMEI_value os command injection

Inserito da Angelo Barbosa | Giu 5, 2026 | CVE

A vulnerability identified as critical has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEI_value causes os command injection.

This vulnerability is handled as CVE-2026-11341. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-11341 | D-Link DWR-M920 up to 1.1.50 /boafrm/formIMEISetup sub_412DA0 IMEI_value os command injection

Post correlati

CVE-2024-1398 | Ultimate Bootstrap Elements for Elementor Plugin up to 1.3.6 on WordPress cross site scripting

CVE-2025-58083 | General Industrial Controls Lynx+ Gateway R08/V03/V05/V18 Embedded Web Server missing authentication (icsa-25-317-08)

CVE-2026-34866 | Huawei HarmonyOS 6.0.0 Web Module buffer overflow

CVE-2025-10214 | UPDF 1.8.5.0 on Windows UPDF.exe uncontrolled search path (EUVD-2025-27532)