CVE-2026-4468

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

CVE-2026-4468 Comfast CF-AC100 mbox-config command injection

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

CVE-2026-4468

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

CVE-2025-9584

A vulnerability was found in Comfast CF-N1 2.6.0. Affected by this issue is the function updateinterfacepng of the file /usr/bin/webmgnt. The manipulation of the argument interface/displayname results in command injection. The attack can be executed remotely. The exploit has been made public and...

CVE-2025-9584

CVE-2025-9584 affects Comfast CF-N1 v2.6.0. The issue is in the function update_interface_png of /usr/bin/webmgnt, where manipulating the interface/display_name argument leads to a remote command-injection . Exploitation is possible remotely and the exploit has been publicized. Multiple sources c...

PT-2025-35136

Name of the Vulnerable Software and Affected Versions: Comfast CF-N1 version 2.6.0 Description: A vulnerability exists in Comfast CF-N1 version 2.6.0 due to command injection. The issue is located in the update interface png function within the /usr/bin/webmgnt file. Manipulation of the...