CVE-2026-12814

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

CVE-2026-12814

CVE-2026-12814 affects Comfast CF-WR631AX V3 up to version 2.7.0.8. The vulnerability is located in the API Endpoint component, specifically the file path /cgi-bin/mbox-config?section=ping_config, where manipulation of the destination argument leads to an OS command injection. The issue can be ex...

CVE-2026-12814 Comfast CF-WR631AX V3 API Endpoint mbox-config system os command injection

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

PT-2026-51261

Name of the Vulnerable Software and Affected Versions Comfast CF-WR631AX V3 versions prior to 2.7.0.8 Description A remote OS command injection flaw exists in the API Endpoint component. The issue occurs within the system function of the '/cgi-bin/mbox-config?section=ping config' endpoint when th...

CVE-2026-6799

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-6799

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-6799 Comfast CF-N1-S Endpoint mbox-config command injection

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-6799

CVE-2026-6799 affects Comfast CF-N1-S (firmware 2.6.0.1). The issue is a command injection in the Endpoint component via /cgi-bin/mbox-config?method=SET&section=ping_config, caused by manipulating the destination argument. The vulnerability is exploitable remotely; exploit exists as per descripti...

CVE-2026-6799 Comfast CF-N1-S Endpoint mbox-config command injection

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

Comfast CF-N1-S 注入漏洞

The Comfast CF-N1-S is a wireless network adapter device developed by Comfast Corporation. Version 2.6.0.1 of the Comfast CF-N1-S contains a vulnerability caused by incorrect handling of the Endpoint component parameter “destination” in the file /cgi-bin/mbox-config?method=SET§ion=pingconfig. Thi...

PT-2026-34192

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=ping config of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-4468 Comfast CF-AC100 mbox-config command injection

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

CVE-2026-4468

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

CVE-2026-4468 Comfast CF-AC100 mbox-config command injection

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=updateinterfacepng. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclose...

CVE-2026-4468

CVE-2026-4468 affects Comfast CF-AC100 2.6.0.8. An unknown function in the URL /cgi-bin/mbox-config?method=SET&section=update_interface_png is vulnerable to remote command injection. The manipulation can be performed remotely, and the exploit has been publicly disclosed. The vendor was contacted ...

CVE-2026-4467 Comfast CF-AC100 mbox-config command injection

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-4467 Comfast CF-AC100 mbox-config command injection

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-4466 Comfast CF-AC100 mbox-config command injection

A vulnerability has been found in Comfast CF-AC100 2.6.0.8. This affects an unknown function of the file /cgi-bin/mbox-config?method=SET&section=ntptimezone. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public an...

CVE-2026-4466 Comfast CF-AC100 mbox-config command injection

A vulnerability has been found in Comfast CF-AC100 2.6.0.8. This affects an unknown function of the file /cgi-bin/mbox-config?method=SET&section=ntptimezone. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public an...

CVE-2026-4466

Summary: CVE-2026-4466 affects Comfast CF-AC100 2.6.0.8. The issue arises in an unknown function within the file /cgi-bin/mbox-config?method=SET&section=ntp_timezone, where manipulation enables a command injection . Impact described: remote code execution is possible, with exploitation disclosed ...