CVE-2026-4467

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. The...

CVE-2026-4466

A vulnerability has been found in Comfast CF-AC100 2.6.0.8. This affects an unknown function of the file /cgi-bin/mbox-config?method=SET=ntptimezone. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be...

EUVD-2026-13524

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

CVE-2026-4468 Comfast CF-AC100 mbox-config command injection

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

CVE-2026-4468

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

CVE-2026-4468 Comfast CF-AC100 mbox-config command injection

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

CVE-2026-4468

CVE-2026-4468 affects Comfast CF-AC100 2.6.0.8. An unknown function in the URL /cgi-bin/mbox-config?method=SET&section=update_interface_png is vulnerable to remote command injection. The manipulation can be performed remotely, and the exploit has been publicly disclosed. The vendor was contacted ...

EUVD-2026-13484

A vulnerability has been found in Comfast CF-AC100 2.6.0.8. This affects an unknown function of the file /cgi-bin/mbox-config?method=SET&section=ntptimezone. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public an...

EUVD-2026-13515

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-4467

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-4467 Comfast CF-AC100 mbox-config command injection

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-4467 Comfast CF-AC100 mbox-config command injection

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-4467

CVE-2026-4467 affects Comfast CF-AC100 firmware 2.6.0.8. An attacker can remotely trigger command injection via /cgi-bin/mbox-config?method=SET&section=wireless_device_dissoc, by exploiting a vulnerable function in that path. The exploit is publicly available, and exploitation has activity descri...

CVE-2026-4466 Comfast CF-AC100 mbox-config command injection

A vulnerability has been found in Comfast CF-AC100 2.6.0.8. This affects an unknown function of the file /cgi-bin/mbox-config?method=SET&section=ntptimezone. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public an...

PT-2026-26537

A vulnerability has been found in Comfast CF-AC100 2.6.0.8. This affects an unknown function of the file /cgi-bin/mbox-config?method=SET&section=ntp timezone. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public a...

Comfast CF-AC100 命令注入漏洞

The Comfast CF-AC100 is a wireless USB network card developed by Comfast Corporation. The Comfast CF-AC100 version 2.6.0.8 has a command injection vulnerability. This vulnerability stems from operations on parameters in the /cgi-bin/mbox-config file, which may lead to command injection...

PT-2026-26555

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=update interface png. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly...

EUVD-2026-10290

A vulnerability was detected in Comfast CF-AC100 2.6.0.8. This affects the function sub44AC14 of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Request Path Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is no...

CVE-2026-3798

A vulnerability was detected in Comfast CF-AC100 2.6.0.8. This affects the function sub44AC14 of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Request Path Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is no...

CVE-2026-3798

A vulnerability was detected in Comfast CF-AC100 2.6.0.8. This affects the function sub44AC14 of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Request Path Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is no...