Vulnerability Details CVE-2026-2960
A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2026-2960
-
cpe:2.3:h:dlink:dwr-m960:b1
-
cpe:2.3:o:dlink:dwr-m960_firmware:1.01.07