Vulnerabilities > Comfast

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-11	CVE-2024-44466	Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2 COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. network low complexity comfast CWE-77 critical	9.8
2023-08-15	CVE-2023-38864	Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2 An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt. network low complexity comfast CWE-77 critical	9.8
2023-08-15	CVE-2023-38866	Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2 COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588. network low complexity comfast CWE-77 critical	9.8
2023-08-15	CVE-2023-38862	Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2 An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt. network low complexity comfast CWE-77 critical	9.8
2023-08-15	CVE-2023-38863	Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2 An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt. network low complexity comfast CWE-77 critical	9.8
2023-08-15	CVE-2023-38865	Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2 COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. network low complexity comfast CWE-77 critical	9.8
2023-02-13	CVE-2022-45724	Improper Authentication vulnerability in Comfast Cf-Wr610N Firmware 2.3.1 Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSION_ID, and using this SESSION_ID an attacker can then perform authenticated requests. network low complexity comfast CWE-287	5.4
2023-02-13	CVE-2022-45725	Improper Input Validation vulnerability in Comfast Cf-Wr610N Firmware 2.3.1 Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request low complexity comfast CWE-20	8.8

Vulnerabilities > Comfast {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Comfast"}]}

Vulnerabilities > Comfast