CVE-2026-2961
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Analysis
Remote code execution in D-Link DWR-M960 firmware through a stack buffer overflow in the VPN configuration endpoint allows authenticated attackers to execute arbitrary code by manipulating the submit-url parameter. The vulnerability affects firmware version 1.01.07 and public exploit code exists, though no patch is currently available.
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all D-Link DWR-M960 devices in production and isolate affected units from critical networks if possible. Within 7 days: Implement network segmentation to restrict access to the /boafrm/formVpnConfigSetup endpoint, disable VPN configuration features if not actively required, and deploy WAF rules to block malicious requests to the vulnerable endpoint. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today