D-Link Dwr M960
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in D-Link Dwr M960.
By the Year
In 2026 there have been 20 vulnerabilities in D-Link Dwr M960 with an average score of 8.8 out of ten. Last year, in 2025 Dwr M960 had 2 security vulnerabilities published. That is, 18 more vulnerabilities have already been reported in 2026 as compared to last year. Interestingly, the average vulnerability score and the number of vulnerabilities for 2026 and last year was the same.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 20 | 8.80 |
| 2025 | 2 | 8.80 |
It may take a day or so for new Dwr M960 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent D-Link Dwr M960 Security Vulnerabilities
D-Link DWR-M960 1.01.07 Scheduled Reboot Endpoint Stack BFOver
CVE-2026-2962
8.8 - High
- February 23, 2026
A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.
Stack Overflow
Stack Overflow in D-Link DWR-M960 1.01.07 VPN Config Endpoint via submit-url
CVE-2026-2961
8.8 - High
- February 23, 2026
A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Stack Overflow
D-Link DWR-M960 1.01.07: stack buffer overflow via submit-url
CVE-2026-2960
8.8 - High
- February 23, 2026
A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.
Stack Overflow
D-Link DWR-M960 1.01.07 Buffer Overflow via formNewSchedule Modifiable URL
CVE-2026-2959
8.8 - High
- February 22, 2026
A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used.
Stack Overflow
D-Link DWR-M960 1.01.07 stack-based buffer overflow in sub_457C5C (remote)
CVE-2026-2958
8.8 - High
- February 22, 2026
A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub_457C5C of the file /boafrm/formWsc. Such manipulation of the argument save_apply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
Stack Overflow
D-Link DWR-M960 1.01.07 WAC Endpoint Bof via submit-url
CVE-2026-2929
8.8 - High
- February 22, 2026
A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
Stack Overflow
D-Link DWR-M960 1.01.07 WLAN Encryption Config Endpoint Stack Overflow
CVE-2026-2928
8.8 - High
- February 22, 2026
A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.
Stack Overflow
Stack-based buffer overflow in D-Link DWR-M960 1.01.07 OpMode Cfg
CVE-2026-2927
8.8 - High
- February 22, 2026
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_462590 of the file /boafrm/formOpMode of the component Operation Mode Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Stack Overflow
D-Link DWR-M960 1.01.07 LTE Config Stack Buffer Overflow (remote)
CVE-2026-2926
8.8 - High
- February 22, 2026
A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.
Stack Overflow
D-Link DWR-M960 1.01.07 Bridge VLAN Buffer Overflow (sub_42B5A0)
CVE-2026-2925
8.8 - High
- February 22, 2026
A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_42B5A0 of the file /boafrm/formBridgeVlan of the component Bridge VLAN Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.
Stack Overflow
D-Link DWR-M960 1.01.07 Buffer Overflow: sub_469104 in formIpv6Setup
CVE-2026-2885
8.8 - High
- February 21, 2026
A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted element is the function sub_469104 of the file /boafrm/formIpv6Setup. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.
Stack Overflow
D-Link DWR-M960 1.01.07 WAN Handler Stack Buffer Overflow
CVE-2026-2884
8.8 - High
- February 21, 2026
A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub_41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
Stack Overflow
Stack Buffer Overflow in D-Link DWR-M960 1.01.07 via submit-url
CVE-2026-2883
8.8 - High
- February 21, 2026
A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
Stack Overflow
D-Link DWR-M960 1.01.07: Remote Stack Buffer Overflow in submiturl
CVE-2026-2882
8.8 - High
- February 21, 2026
A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_46385C of the file /boafrm/formDosCfg. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
Stack Overflow
Stack Buffer Overflow in D-Link DWR-M960 1.01.07 Advanced Firewall Config
CVE-2026-2881
8.8 - High
- February 21, 2026
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Stack Overflow
Stack Buffer Overflow in D-Link DWR-M960 1.01.07 Port Forwarding
CVE-2026-2857
8.8 - High
- February 20, 2026
A vulnerability was determined in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_423E00 of the file /boafrm/formPortFw of the component Port Forwarding Configuration Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
Stack Overflow
Stack Buffer Overflow in D-Link DWR-M960 1.01.07 Filter Config Endpoint
CVE-2026-2856
8.8 - High
- February 20, 2026
A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_424AFC of the file /boafrm/formFilter of the component Filter Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.
Stack Overflow
D-Link DWRM960 1.01.07 DDNS Settings Buffer Overflow via submit-url
CVE-2026-2855
8.8 - High
- February 20, 2026
A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub_4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Stack Overflow
Stack Bf Fol on D-Link DWR-M960 1.01.07 NTP Config Endpoint
CVE-2026-2854
8.8 - High
- February 20, 2026
A flaw has been found in D-Link DWR-M960 1.01.07. This impacts the function sub_4611CC of the file /boafrm/formNtp of the component NTP Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.
Stack Overflow
Stack Buffer Overflow in D-Link DWR-M960 1.01.07 SysLog Endpoint
CVE-2026-2853
8.8 - High
- February 20, 2026
A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub_462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.
Stack Overflow
D-Link DWR-M920/M921/M960, DIR-822K/825M 1.01.07 Buffer Overflow in /boafrm/diag
CVE-2025-13305
8.8 - High
- November 17, 2025
A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.
Classic Buffer Overflow
D-Link Router Buffer Overflow in /boafrm/formPingDiagnosticRun
CVE-2025-13304
8.8 - High
- November 17, 2025
A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation of the argument host results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
Classic Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for D-Link Dwr M960 or by D-Link? Click the Watch button to subscribe.
