Comfast Cf-E7 vulnerabilities
2 known vulnerabilities affecting comfast/cf-e7.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2026-2823P2HIGHCVSS 8.8v2.6.0.92026-02-20
CVE-2026-2823 [HIGH] CWE-74 CVE-2026-2823: A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub_41AC
A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub_41ACCC of the file /cgi-bin/mbox-config?method=SET§ion=ntp_timezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible to be carried out remotely. The exploit is now public and may
nvd
CVE-2026-2824P2HIGHCVSS 8.8v2.6.0.92026-02-20
CVE-2026-2824 [HIGH] CWE-74 CVE-2026-2824: A flaw has been found in Comfast CF-E7 2.6.0.9. This affects the function sub_441CF4 of the file /cg
A flaw has been found in Comfast CF-E7 2.6.0.9. This affects the function sub_441CF4 of the file /cgi-bin/mbox-config?method=SET§ion=ping_config of the component webmggnt. Executing a manipulation of the argument destination can lead to command injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor
nvd