CVE-2026-11341 PUBLISHED

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEI_value causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used.

• kkff33 (VulDB User) reporter

• VDB-368882 | D-Link DWR-M920 formIMEISetup sub_412DA0 os command injection
• VDB-368882 | CTI Indicators (IOB, IOC, TTP, IOA)
• CVE-2026-11341 | CVE Analysis and Report
• Submit #832593 | D-Link DWR-M920 1.1.50 Command Injection and Stack Buffer Overflow
• https://github.com/7u7777/Dlink/blob/DWR-M920/formIMEISetup.md
• https://www.dlink.com/

• OS Command Injection CWE
• Command Injection CWE