Vulnerabilities > Comfast > CF Xr11 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-15 CVE-2023-38864 Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt.
network
low complexity
comfast CWE-77
critical
 9.8
9.8
2023-08-15 CVE-2023-38866 Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588.
network
low complexity
comfast CWE-77
critical
 9.8
9.8
2023-08-15 CVE-2023-38862 Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt.
network
low complexity
comfast CWE-77
critical
 9.8
9.8
2023-08-15 CVE-2023-38863 Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt.
network
low complexity
comfast CWE-77
critical
 9.8
9.8
2023-08-15 CVE-2023-38865 Command Injection vulnerability in Comfast Cf-Xr11 Firmware 2.7.2
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0.
network
low complexity
comfast CWE-77
critical
 9.8
9.8