EUVD-2026-24503

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-6799

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-6799

CVE-2026-6799 affects Comfast CF-N1-S (firmware 2.6.0.1). The issue is a command injection in the Endpoint component via /cgi-bin/mbox-config?method=SET&section=ping_config, caused by manipulating the destination argument. The vulnerability is exploitable remotely; exploit exists as per descripti...

PT-2026-34192

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=ping config of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-4468

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and ma...

PT-2026-26548

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wireless device dissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be use...

Comfast CF-AC100 命令注入漏洞

The Comfast CF-AC100 is a wireless USB network card developed by Comfast Corporation. The Comfast CF-AC100 version 2.6.0.8 has a command injection vulnerability. This vulnerability stems from operations on parameters in the /cgi-bin/mbox-config file, which may lead to command injection...

Comfast CF-AC100 命令注入漏洞

The Comfast CF-AC100 is a wireless USB network card developed by Comfast Corporation. The Comfast CF-AC100 version 2.6.0.8 has a command injection vulnerability. This vulnerability stems from incorrect operations on the function sub44AC14 in the file/cgi-bin/mbox-config?method=SET§ion=pingconfig,...

CVE-2026-2823

A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub41ACCC of the file /cgi-bin/mbox-config?method=SET&section=ntptimezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible t...

PT-2026-20999

A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub 41ACCC of the file /cgi-bin/mbox-config?method=SET&section=ntp timezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible...

Comfast CF-E7 命令注入漏洞

The Comfast CF-E7 is a wireless router produced by Comfast Corporation. The Comfast CF-E7 version 2.6.0.9 has a command injection vulnerability. This vulnerability stems from an incorrect handling of parameters in the function sub441CF4 of the webmggnt component’s...

CVE-2026-2537

A vulnerability was identified in Comfast CF-E4 2.6.0.1. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET=ntptimezone of the component HTTP POST Request Handler. Such manipulation of the argument timestr leads to command injection. The attack may be launched remotely...

EUVD-2026-6127

A vulnerability has been found in Comfast CF-N1 V2 2.6.0.2. The affected element is the function sub44AC4C of the file /cgi-bin/mbox-config?method=SET&section=ptestbandwidth. The manipulation of the argument bandwidth leads to command injection. The attack can be initiated remotely. The exploit h...

EUVD-2026-6124

A vulnerability was identified in Comfast CF-E4 2.6.0.1. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=ntptimezone of the component HTTP POST Request Handler. Such manipulation of the argument timestr leads to command injection. The attack may be launched...

CVE-2026-2535

A vulnerability was found in Comfast CF-N1 V2 2.6.0.2. The impacted element is the function sub44AB9C of the file /cgi-bin/mbox-config?method=SET&section=ptestchannel. The manipulation of the argument channel results in command injection. The attack can be launched remotely. The exploit has been...

CVE-2026-2535 Comfast CF-N1 V2 mbox-config sub_44AB9C command injection

A vulnerability was found in Comfast CF-N1 V2 2.6.0.2. The impacted element is the function sub44AB9C of the file /cgi-bin/mbox-config?method=SET&section=ptestchannel. The manipulation of the argument channel results in command injection. The attack can be launched remotely. The exploit has been...

CVE-2026-2534

A vulnerability has been found in Comfast CF-N1 V2 2.6.0.2. The affected element is the function sub44AC4C of the file /cgi-bin/mbox-config?method=SET&section=ptestbandwidth. The manipulation of the argument bandwidth leads to command injection. The attack can be initiated remotely. The exploit h...

CVE-2026-2534 Comfast CF-N1 V2 mbox-config sub_44AC4C command injection

A vulnerability has been found in Comfast CF-N1 V2 2.6.0.2. The affected element is the function sub44AC4C of the file /cgi-bin/mbox-config?method=SET&section=ptestbandwidth. The manipulation of the argument bandwidth leads to command injection. The attack can be initiated remotely. The exploit h...

CVE-2026-2534

A vulnerability has been found in Comfast CF-N1 V2 2.6.0.2. The affected element is the function sub44AC4C of the file /cgi-bin/mbox-config?method=SET&section=ptestbandwidth. The manipulation of the argument bandwidth leads to command injection. The attack can be initiated remotely. The exploit h...

PT-2026-8310

Name of the Vulnerable Software and Affected Versions Comfast CF-N1 V2 version 2.6.0.2 Description A remote command injection issue exists in Comfast CF-N1 V2 2.6.0.2. The issue is located in the sub 44AC4C function within the /cgi-bin/mbox-config file. Manipulation of the bandwidth argument in t...