EUVD-2026-6125

A vulnerability was found in Comfast CF-N1 V2 2.6.0.2. The impacted element is the function sub44AB9C of the file /cgi-bin/mbox-config?method=SET&section=ptestchannel. The manipulation of the argument channel results in command injection. The attack can be launched remotely. The exploit has been...

CVE-2026-2535

The CVE-2026-2535 entry affects Comfast CF-N1 V2 2.6.0.2. The vulnerability exists in the function sub_44AB9C within /cgi-bin/mbox-config?method=SET&section=ptest_channel; manipulating the channel argument leads to command injection. Exploitation can be performed remotely, and public proof of con...

COMFAST CF-N1 命令注入漏洞

COMFAST CF-N1 is a wireless router produced by COMFAST Corporation. The Comfast CF-N1 V2 2.6.0.2 version has a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter “channel” in the function sub44AB9C within the file...

CVE-2025-9585

A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilithdeletepicfile of the file /usr/bin/webmgnt. This manipulation of the argument portaldeletepicname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly...

CVE-2025-9586

A vulnerability was identified in Comfast CF-N1 2.6.0. This vulnerability affects the function wirelessdevicedissoc of the file /usr/bin/webmgnt. Such manipulation of the argument mac leads to command injection. The attack may be performed from a remote location. The exploit is publicly available...

CVE-2025-9586 Comfast CF-N1 webmgnt wireless_device_dissoc command injection

A vulnerability was identified in Comfast CF-N1 2.6.0. This vulnerability affects the function wirelessdevicedissoc of the file /usr/bin/webmgnt. Such manipulation of the argument mac leads to command injection. The attack may be performed from a remote location. The exploit is publicly available...

CVE-2025-9583

A vulnerability has been found in Comfast CF-N1 2.6.0. Affected by this vulnerability is the function pingconfig of the file /usr/bin/webmgnt. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used...

CVE-2025-9582 Comfast CF-N1 webmgnt ntp_timezone command injection

A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntptimezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

COMFAST CF-N1 安全漏洞

COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter portaldeletepicname in the file /usr/bin/webmgnt...