288 matches found
CVE-2025-9583
A vulnerability has been found in Comfast CF-N1 2.6.0. Affected by this vulnerability is the function pingconfig of the file /usr/bin/webmgnt. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used...
CVE-2025-9583
A vulnerability has been found in Comfast CF-N1 2.6.0. Affected by this vulnerability is the function pingconfig of the file /usr/bin/webmgnt. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used...
CVE-2025-9584
A vulnerability was found in Comfast CF-N1 2.6.0. Affected by this issue is the function updateinterfacepng of the file /usr/bin/webmgnt. The manipulation of the argument interface/displayname results in command injection. The attack can be executed remotely. The exploit has been made public and...
CVE-2025-9584
CVE-2025-9584 affects Comfast CF-N1 v2.6.0. The issue is in the function update_interface_png of /usr/bin/webmgnt, where manipulating the interface/display_name argument leads to a remote command-injection . Exploitation is possible remotely and the exploit has been publicized. Multiple sources c...
CVE-2025-9583
CVE-2025-9583 affects Comfast CF-N1 (firmware 2.6.0). The vulnerability resides in the ping_config function of /usr/bin/webmgnt, enabling command injection with remote exploitation; the exploit has been publicly disclosed. Mitigation guidance in the sources includes restricting access to /usr/bin...
CVE-2025-9582 Comfast CF-N1 webmgnt ntp_timezone command injection
A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntptimezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-9582
The CVE-2025-9582 entry concerns Comfast CF-N1 firmware version 2.6.0. The flaw lies in the ntp_timezone function in the /usr/bin/webmgnt binary where manipulating the timestr argument can cause a command injection. The attack is described as remote capable and an exploit has been published. Cons...
CVE-2025-9581
A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multipppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phyinterface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used...
CVE-2025-9581
A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multipppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phyinterface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used...
CVE-2025-9581 Comfast CF-N1 webmgnt multi_pppoe command injection
A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multipppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phyinterface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used...
CVE-2025-9581 Comfast CF-N1 webmgnt multi_pppoe command injection
A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multipppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phyinterface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used...
COMFAST CF-N1 安全漏洞
COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter timestr in the file /usr/bin/webmgnt...
PT-2025-35137
Name of the Vulnerable Software and Affected Versions: Comfast CF-N1 version 2.6.0 Description: A vulnerability exists in Comfast CF-N1 version 2.6.0 due to command injection. Manipulation of the portal delete picname argument within the wifilith delete pic file function, located in the...
PT-2025-35134
Name of the Vulnerable Software and Affected Versions: Comfast CF-N1 version 2.6.0 Description: A flaw exists in the ntp timezone function within the /usr/bin/webmgnt file. Manipulation of the timestr argument can lead to command injection, potentially allowing for remote attacks. The exploit for...
COMFAST CF-N1 安全漏洞
COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter pingconfig in the file /usr/bin/webmgnt...
PT-2025-35136
Name of the Vulnerable Software and Affected Versions: Comfast CF-N1 version 2.6.0 Description: A vulnerability exists in Comfast CF-N1 version 2.6.0 due to command injection. The issue is located in the update interface png function within the /usr/bin/webmgnt file. Manipulation of the...
COMFAST CF-N1 安全漏洞
COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter portaldeletepicname in the file /usr/bin/webmgnt...
COMFAST CF-N1 安全漏洞
COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter phyinterface in the file /usr/bin/webmgnt...
PT-2025-35132
Name of the Vulnerable Software and Affected Versions: Comfast CF-N1 version 2.6.0 Description: A vulnerability exists in Comfast CF-N1 version 2.6.0 within the multi pppoe function located in the /usr/bin/webmgnt file. Manipulation of the phy interface argument can lead to command injection. Thi...
COMFAST CF-N1 安全漏洞
COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter interface/displayname in the file /usr/bin/webmgnt...