Lucene search
K

299 matches found

EUVD
EUVD
added 2 days ago9 views

EUVD-2026-43252

A vulnerability was determined in Comfast CF-WR631AX V3 up to 2.7.0.8. Affected by this vulnerability is the function systemwluploadpicfile of the file /usr/bin/webmgnt of the component FastCGI Backend. This manipulation of the argument filename causes os command injection. It is possible to...

10CVSS6.7AI score0.0269EPSS
Exploits0References6
NVD
NVD
added 3 days ago9 views

CVE-2026-15511

A vulnerability was determined in Comfast CF-WR631AX V3 up to 2.7.0.8. Affected by this vulnerability is the function systemwluploadpicfile of the file /usr/bin/webmgnt of the component FastCGI Backend. This manipulation of the argument filename causes os command injection. It is possible to...

10CVSS0.0269EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-15511 Comfast CF-WR631AX V3 FastCGI Backend webmgnt system_wl_upload_pic_file os command injection

A vulnerability was determined in Comfast CF-WR631AX V3 up to 2.7.0.8. Affected by this vulnerability is the function systemwluploadpicfile of the file /usr/bin/webmgnt of the component FastCGI Backend. This manipulation of the argument filename causes os command injection. It is possible to...

10CVSS0.0269EPSS
Exploits0References5
CVE
CVE
added 3 days ago18 views

CVE-2026-15511

Comfast CF-WR631AX V3 devices affected up to version 2.7.0.8; the FastCGI Backend’s /usr/bin/webmgnt module function system_wl_upload_pic_file accepts a manipulated filename, leading to OS command injection. Attacks can be remotely initiated; the exploit has been publicly disclosed and vendor res...

10CVSS6.7AI score0.0269EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 3 days ago15 views

PT-2026-57563

Name of the Vulnerable Software and Affected Versions Comfast CF-WR631AX V3 versions prior to 2.7.0.8 Description An OS command injection flaw exists in the FastCGI Backend component within the /usr/bin/webmgnt file. The issue occurs in the system wl upload pic file function when processing the...

10CVSS7.2AI score0.0269EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/22 12:31 a.m.11 views

EUVD-2026-38200

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

6.5CVSS6.1AI score0.01182EPSS
Exploits0References6
NVD
NVD
added 2026/06/21 11:16 p.m.12 views

CVE-2026-12814

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

6.5CVSS0.01182EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/21 10:45 p.m.6 views

CVE-2026-12814

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

6.5CVSS6.1AI score0.01182EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/21 10:45 p.m.21 views

CVE-2026-12814 Comfast CF-WR631AX V3 API Endpoint mbox-config system os command injection

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

6.5CVSS0.01182EPSS
Exploits0References5
CVE
CVE
added 2026/06/21 10:45 p.m.14 views

CVE-2026-12814

CVE-2026-12814 affects Comfast CF-WR631AX V3 up to version 2.7.0.8. The vulnerability is located in the API Endpoint component, specifically the file path /cgi-bin/mbox-config?section=ping_config, where manipulation of the destination argument leads to an OS command injection. The issue can be ex...

6.5CVSS6.1AI score0.01182EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.32 views

PT-2026-51261

Name of the Vulnerable Software and Affected Versions Comfast CF-WR631AX V3 versions prior to 2.7.0.8 Description A remote OS command injection flaw exists in the API Endpoint component. The issue occurs within the system function of the '/cgi-bin/mbox-config?section=ping config' endpoint when th...

6.5CVSS6.9AI score0.01182EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.11 views

CVE-2026-6799

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The attack can...

6.5CVSS6.3AI score0.01181EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/22 12:31 a.m.6 views

EUVD-2026-24503

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

6.5CVSS5.5AI score0.01181EPSS
Exploits0References5
NVD
NVD
added 2026/04/21 10:16 p.m.6 views

CVE-2026-6799

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

6.5CVSS0.01181EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/21 9:0 p.m.2 views

CVE-2026-6799

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

6.5CVSS5.5AI score0.01181EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/21 9:0 p.m.35 views

CVE-2026-6799 Comfast CF-N1-S Endpoint mbox-config command injection

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

6.5CVSS0.01181EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/21 9:0 p.m.3 views

CVE-2026-6799 Comfast CF-N1-S Endpoint mbox-config command injection

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

6.5CVSS6.3AI score0.01181EPSS
Exploits0References4
CVE
CVE
added 2026/04/21 9:0 p.m.15 views

CVE-2026-6799

CVE-2026-6799 affects Comfast CF-N1-S (firmware 2.6.0.1). The issue is a command injection in the Endpoint component via /cgi-bin/mbox-config?method=SET&section=ping_config, caused by manipulating the destination argument. The vulnerability is exploitable remotely; exploit exists as per descripti...

6.5CVSS6.3AI score0.01181EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.12 views

Comfast CF-N1-S 注入漏洞

The Comfast CF-N1-S is a wireless network adapter device developed by Comfast Corporation. Version 2.6.0.1 of the Comfast CF-N1-S contains a vulnerability caused by incorrect handling of the Endpoint component parameter “destination” in the file /cgi-bin/mbox-config?method=SET§ion=pingconfig. Thi...

6.5CVSS6.6AI score0.01181EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.7 views

PT-2026-34192

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=ping config of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

6.5CVSS5.5AI score0.01181EPSS
Exploits0References7
Rows per page
Query Builder