CVE-2026-2883

Name of the Vulnerable Software and Affected Versions D-Link DWR-M960 version 1.01.07

Description A flaw exists in the D-Link DWR-M960 router, specifically in the function sub 427D74 located within the /boafrm/formIpQoS component. Manipulation of the submit-url argument can lead to a stack-based buffer overflow. This allows for remote execution of code or a denial-of-service condition. The exploit for this issue has been publicly disclosed.

Recommendations Update to a newer version of the DWR-M960 router that addresses this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.