A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.
Published: 2026-02-22
CVSS: 9.0
CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Download Exploit for CVE-2026-2928 here:
Use Tor Browser to access .onion site.
https://sonitex.com/exploit-259-cve-2026-27739/
https://sonitex.com/exploit-442-cve-2026-3485/
https://sonitex.com/exploit-493-cve-2025-40926/