A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub_419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulation of the argument ussdValue leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
PUBLISHED5.2CWE-77CWE-74
D-Link DWR-M921 USSD Configuration Endpoint formUSSDSetup sub_419F20 command injection
Problem type
Affected products
D-Link
DWR-M921
1.1.50 - AFFECTED
References
VDB-344652 | D-Link DWR-M921 USSD Configuration Endpoint formUSSDSetup sub_419F20 command injection
https://vuldb.com/?id.344652
VDB-344652 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/?ctiid.344652
Submit #746400 | D-Link DWR-M921 V1.1.50 Command Injection
https://vuldb.com/?submit.746400
github.com
https://github.com/LX-66-LX/cve-new/issues/1
github.com
https://github.com/LX-66-LX/cve-new/issues/1#issue-3851345029
dlink.com
https://www.dlink.com/
GitHub Security Advisories
GHSA-377q-fc84-7fvf
A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function...
https://github.com/advisories/GHSA-377q-fc84-7fvfA security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub_419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulation of the argument ussdValue leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
nvd.nist.gov
https://nvd.nist.gov/vuln/detail/CVE-2026-2085
github.com
https://github.com/LX-66-LX/cve-new/issues/1
github.com
https://github.com/LX-66-LX/cve-new/issues/1#issue-3851345029
vuldb.com
https://vuldb.com/?ctiid.344652
vuldb.com
https://vuldb.com/?id.344652
vuldb.com
https://vuldb.com/?submit.746400
dlink.com
https://www.dlink.com
github.com
https://github.com/advisories/GHSA-377q-fc84-7fvf
JSON source
https://cveawg.mitre.org/api/cve/CVE-2026-2085Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2026-2085",
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"dateUpdated": "2026-02-07T12:02:08.316Z",
"dateReserved": "2026-02-06T08:20:31.394Z",
"datePublished": "2026-02-07T12:02:08.316Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB",
"dateUpdated": "2026-02-07T12:02:08.316Z"
},
"title": "D-Link DWR-M921 USSD Configuration Endpoint formUSSDSetup sub_419F20 command injection",
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub_419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulation of the argument ussdValue leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used."
}
],
"affected": [
{
"vendor": "D-Link",
"product": "DWR-M921",
"modules": [
"USSD Configuration Endpoint"
],
"versions": [
{
"version": "1.1.50",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Command Injection",
"cweId": "CWE-77",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"lang": "en",
"description": "Injection",
"cweId": "CWE-74",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?id.344652",
"name": "VDB-344652 | D-Link DWR-M921 USSD Configuration Endpoint formUSSDSetup sub_419F20 command injection",
"tags": [
"vdb-entry",
"technical-description"
]
},
{
"url": "https://vuldb.com/?ctiid.344652",
"name": "VDB-344652 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
]
},
{
"url": "https://vuldb.com/?submit.746400",
"name": "Submit #746400 | D-Link DWR-M921 V1.1.50 Command Injection",
"tags": [
"third-party-advisory"
]
},
{
"url": "https://github.com/LX-66-LX/cve-new/issues/1",
"tags": [
"issue-tracking"
]
},
{
"url": "https://github.com/LX-66-LX/cve-new/issues/1#issue-3851345029",
"tags": [
"exploit",
"issue-tracking"
]
},
{
"url": "https://www.dlink.com/",
"tags": [
"product"
]
}
],
"metrics": [
{},
{
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"baseScore": 7.2,
"baseSeverity": "HIGH"
}
},
{
"cvssV3_0": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"baseScore": 7.2,
"baseSeverity": "HIGH"
}
},
{
"cvssV2_0": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"baseScore": 8.3
}
}
],
"timeline": [
{
"time": "2026-02-06T00:00:00.000Z",
"lang": "en",
"value": "Advisory disclosed"
},
{
"time": "2026-02-06T01:00:00.000Z",
"lang": "en",
"value": "VulDB entry created"
},
{
"time": "2026-02-06T09:25:38.000Z",
"lang": "en",
"value": "VulDB entry last update"
}
],
"credits": [
{
"lang": "en",
"value": "LX-66-LX (VulDB User)",
"type": "reporter"
}
]
}
}
}