CVE-2026-2881 – D-Link DWR-M960 Advanced Firewall Configuration Endpoint formFirewallAdv sub_425FF8 stack-based overflow

CVE ID : CVE-2026-2881

Published : Feb. 21, 2026, 8:16 p.m. | 48 minutes ago

Description : A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 9.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…