D-Link DWR-M920
Approved changes feed: RSS · Atom
cpe:2.3:h:dlink:dwr-m920:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Dlink (b610c9ff-f722-5d9d-a6df-9bee7f4d4b44) |
|---|---|
| Product | Dwr M920 (d9ee65e7-832a-529c-a890-bb927800d35e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-15193 |
not_vulnerable | 2026-06-03 14:58:56.620698 |
D-Link DWR-M920 formParentControl sub_423848 buffer overflow
HIGH (8.8)
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub_423848 of the file /boafrm/formParentControl. Performing manipulation of the argument submit-url results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.
Published: 2025-12-29T15:02:08.698Z
Updated: 2025-12-29T16:10:51.648Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-15192 |
not_vulnerable | 2026-06-03 14:58:56.620255 |
D-Link DWR-M920 formLtefotaUpgradeQuectel sub_415328 command injection
MEDIUM (6.3)
A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fota_url leads to command injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
Published: 2025-12-29T14:32:08.392Z
Updated: 2025-12-29T16:11:38.000Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-15191 |
not_vulnerable | 2026-06-03 14:58:56.619596 |
D-Link DWR-M920 formLtefotaUpgradeFibocom sub_4155B4 command injection
MEDIUM (6.3)
A weakness has been identified in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_4155B4 of the file /boafrm/formLtefotaUpgradeFibocom. This manipulation of the argument fota_url causes command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.
Published: 2025-12-29T14:02:07.207Z
Updated: 2025-12-29T14:26:08.160Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-15190 |
not_vulnerable | 2026-06-03 14:58:56.619097 |
D-Link DWR-M920 formFilter sub_42261C stack-based overflow
HIGH (8.8)
A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. Impacted is the function sub_42261C of the file /boafrm/formFilter. The manipulation of the argument ip6addr results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be exploited.
Published: 2025-12-29T13:32:08.616Z
Updated: 2025-12-29T14:26:52.164Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-15189 |
not_vulnerable | 2026-06-03 14:58:56.618341 |
D-Link DWR-M920 formDefRoute sub_464794 buffer overflow
HIGH (8.8)
A vulnerability was identified in D-Link DWR-M920 up to 1.1.50. This issue affects the function sub_464794 of the file /boafrm/formDefRoute. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.
Published: 2025-12-29T13:02:11.742Z
Updated: 2025-12-29T13:15:00.973Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-13553 |
not_vulnerable | 2026-06-03 14:58:46.388188 |
D-Link DWR-M920 formPinManageSetup sub_41C7FC buffer overflow
HIGH (8.8)
A weakness has been identified in D-Link DWR-M920 1.1.50. This affects the function sub_41C7FC of the file /boafrm/formPinManageSetup. This manipulation of the argument submit-url causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.
Published: 2025-11-23T14:02:06.345Z
Updated: 2025-11-24T16:22:14.239Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-13305 |
not_vulnerable | 2026-06-03 14:58:45.862401 |
D-Link DWR-M920/DWR-M921/DWR-M960/DIR-822K/DIR-825M formTracerouteDiagnosticRun buffer overflow
HIGH (8.8)
A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.
Published: 2025-11-17T23:02:06.147Z
Updated: 2025-11-18T14:41:07.089Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-13304 |
not_vulnerable | 2026-06-03 14:58:45.853044 |
D-Link DWR-M920/DWR-M921/DWR-M960/DWR-M961/DIR-825M formPingDiagnosticRun buffer overflow
HIGH (8.8)
A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation of the argument host results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
Published: 2025-11-17T22:32:07.051Z
Updated: 2025-11-18T16:36:42.638Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.