CVE-2026-2534 | Comfast CF-N1 V2 2.6.0.2 mbox-config?method=SET§ion=ptest_bandwidth sub_44AC4C command injection
A vulnerability classified as critical has been found in Comfast CF-N1 V2 2.6.0.2. The affected element is the function sub_44AC4C of the file /cgi-bin/mbox-config?method=SET§ion=ptest_bandwidth. The manipulation of the argument bandwidth leads to command injection.
This vulnerability is documented as CVE-2026-2534. The attack can be initiated remotely. Additionally, an exploit exists.
The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More