CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 4 days ago•6 views

CVE-2026-12814

6.5CVSS6.1AI score0.01182EPSS

Exploits0References5Affected Software1

Cvelist•added 4 days ago•17 views

CVE-2026-12814 Comfast CF-WR631AX V3 API Endpoint mbox-config system os command injection

6.5CVSS0.01182EPSS

CVE•added 4 days ago•10 views

CVE-2026-12814

CVE-2026-12814 affects Comfast CF-WR631AX V3 up to version 2.7.0.8. The vulnerability is located in the API Endpoint component, specifically the file path /cgi-bin/mbox-config?section=ping_config, where manipulation of the destination argument leads to an OS command injection. The issue can be ex...

6.5CVSS6.1AI score0.01182EPSS

Positive Technologies•added 4 days ago•9 views

PT-2026-51261

Name of the Vulnerable Software and Affected Versions Comfast CF-WR631AX V3 versions prior to 2.7.0.8 Description A remote OS command injection flaw exists in the API Endpoint component. The issue occurs within the system function of the '/cgi-bin/mbox-config?section=ping config' endpoint when th...

6.5CVSS6.9AI score0.01182EPSS

Exploits0References9

RedhatCVE•added 2026/06/05 7:47 p.m.•7 views

CVE-2026-6799

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The attack can...

6.5CVSS6.3AI score0.01181EPSS

EUVD•added 2026/04/22 12:31 a.m.•2 views

EUVD-2026-24503

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

6.5CVSS5.5AI score0.01181EPSS

NVD•added 2026/04/21 10:16 p.m.•2 views

CVE-2026-6799

6.5CVSS0.01181EPSS

Vulnrichment•added 2026/04/21 9:0 p.m.•2 views

CVE-2026-6799 Comfast CF-N1-S Endpoint mbox-config command injection

6.5CVSS6.3AI score0.01181EPSS

CVE•added 2026/04/21 9:0 p.m.•9 views

CVE-2026-6799

CVE-2026-6799 affects Comfast CF-N1-S (firmware 2.6.0.1). The issue is a command injection in the Endpoint component via /cgi-bin/mbox-config?method=SET&section=ping_config, caused by manipulating the destination argument. The vulnerability is exploitable remotely; exploit exists as per descripti...

6.5CVSS6.3AI score0.01181EPSS

ATTACKERKB•added 2026/04/21 9:0 p.m.•1 views

CVE-2026-6799

6.5CVSS5.5AI score0.01181EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/04/21 9:0 p.m.•28 views

CVE-2026-6799 Comfast CF-N1-S Endpoint mbox-config command injection

6.5CVSS0.01181EPSS

CNNVD•added 2026/04/21 12:0 a.m.•6 views

Comfast CF-N1-S 注入漏洞

The Comfast CF-N1-S is a wireless network adapter device developed by Comfast Corporation. Version 2.6.0.1 of the Comfast CF-N1-S contains a vulnerability caused by incorrect handling of the Endpoint component parameter “destination” in the file /cgi-bin/mbox-config?method=SET§ion=pingconfig. Thi...

6.5CVSS6.6AI score0.01181EPSS

Positive Technologies•added 2026/04/21 12:0 a.m.•4 views

PT-2026-34192

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=ping config of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

6.5CVSS5.5AI score0.01181EPSS

Exploits0References7

RedhatCVE•added 2026/03/26 3:16 p.m.•2 views

CVE-2026-4467

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. The...

5.8CVSS5.5AI score0.02055EPSS

RedhatCVE•added 2026/03/26 3:15 p.m.•3 views

CVE-2026-4466

A vulnerability has been found in Comfast CF-AC100 2.6.0.8. This affects an unknown function of the file /cgi-bin/mbox-config?method=SET=ntptimezone. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be...

5.8CVSS5.3AI score0.02479EPSS

RedhatCVE•added 2026/03/26 3:14 p.m.•4 views

CVE-2026-4468

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and ma...

5.8CVSS5.5AI score0.02097EPSS

EUVD•added 2026/03/20 6:31 a.m.•3 views

EUVD-2026-13524

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

5.8CVSS5.5AI score0.02097EPSS

NVD•added 2026/03/20 4:16 a.m.•5 views

CVE-2026-4468

5.8CVSS0.02097EPSS