CVE-2026-1625 | D-Link DWR-M961 1.1.47 SMS Message /boafrm/formSmsManage sub_4250E0 action_value command injection

A vulnerability was found in D-Link DWR-M961 1.1.47. It has been classified as critical. The impacted element is the function sub_4250E0 of the file /boafrm/formSmsManage of the component SMS Message. Performing a manipulation of the argument action_value results in command injection.

This vulnerability was named CVE-2026-1625. The attack may be initiated remotely. In addition, an exploit is available.VulDB Recent EntriesRead More