Loading market data...
← Back to CVE feed

CVE-2026-11339

MEDIUM CVSS 6.3 View on NVD ↗

Description

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Published: Jun 05, 2026 17:16 UTC Modified: Jun 05, 2026 19:03 UTC