Security Advisory

CVE-2026-2168

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-08 17:32:08

Last updated 2026-02-23 09:45:43

Assigner VulDB

State PUBLISHED

Description

A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fota_url causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.

← Browse all CVEs View on cve.org ↗