Filtered by vendor Comfast
Subscriptions
Filtered by product Cf-n1
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9583 | 1 Comfast | 2 Cf-n1, Cf-n1 Firmware | 2025-10-02 | 6.3 Medium |
| A vulnerability has been found in Comfast CF-N1 2.6.0. Affected by this vulnerability is the function ping_config of the file /usr/bin/webmgnt. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9584 | 1 Comfast | 2 Cf-n1, Cf-n1 Firmware | 2025-10-02 | 6.3 Medium |
| A vulnerability was found in Comfast CF-N1 2.6.0. Affected by this issue is the function update_interface_png of the file /usr/bin/webmgnt. The manipulation of the argument interface/display_name results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-9585 | 1 Comfast | 2 Cf-n1, Cf-n1 Firmware | 2025-10-02 | 6.3 Medium |
| A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilith_delete_pic_file of the file /usr/bin/webmgnt. This manipulation of the argument portal_delete_picname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-9586 | 1 Comfast | 2 Cf-n1, Cf-n1 Firmware | 2025-10-02 | 6.3 Medium |
| A vulnerability was identified in Comfast CF-N1 2.6.0. This vulnerability affects the function wireless_device_dissoc of the file /usr/bin/webmgnt. Such manipulation of the argument mac leads to command injection. The attack may be performed from a remote location. The exploit is publicly available and might be used. | ||||
| CVE-2025-9581 | 1 Comfast | 2 Cf-n1, Cf-n1 Firmware | 2025-09-11 | 6.3 Medium |
| A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multi_pppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phy_interface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2025-9582 | 1 Comfast | 2 Cf-n1, Cf-n1 Firmware | 2025-09-11 | 6.3 Medium |
| A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntp_timezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used. | ||||
Page 1 of 1.