EUVD-2025-28869

Malicious code in bioql PyPI...

EUVD-2025-26146

Malicious code in bioql PyPI...

CVE-2025-9582

A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntptimezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-9585

A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilithdeletepicfile of the file /usr/bin/webmgnt. This manipulation of the argument portaldeletepicname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly...

CVE-2025-9583

A vulnerability has been found in Comfast CF-N1 2.6.0. Affected by this vulnerability is the function pingconfig of the file /usr/bin/webmgnt. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used...

CVE-2025-9582

The CVE-2025-9582 entry concerns Comfast CF-N1 firmware version 2.6.0. The flaw lies in the ntp_timezone function in the /usr/bin/webmgnt binary where manipulating the timestr argument can cause a command injection. The attack is described as remote capable and an exploit has been published. Cons...

CVE-2025-9581

A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multipppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phyinterface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used...

CVE-2025-9581 Comfast CF-N1 webmgnt multi_pppoe command injection

A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multipppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phyinterface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used...

CVE-2025-9581

The CVE-2025-9581 entry affects Comfast CF-N1 firmware 2.6.0, specifically the multi_pppoe function in /usr/bin/webmgnt. Root cause: manipulation of the phy_interface argument enables command injection, with remote initial access and a publicly available exploit. Several connected sources corrobo...

COMFAST CF-N1 安全漏洞

COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter timestr in the file /usr/bin/webmgnt...

PT-2025-35134

Name of the Vulnerable Software and Affected Versions: Comfast CF-N1 version 2.6.0 Description: A flaw exists in the ntp timezone function within the /usr/bin/webmgnt file. Manipulation of the timestr argument can lead to command injection, potentially allowing for remote attacks. The exploit for...

COMFAST CF-N1 安全漏洞

COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter portaldeletepicname in the file /usr/bin/webmgnt...