Known Vulnerabilities for products from Comfast
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Comfast".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-6799 json | Not Provided | 2026-04-21 | 2026-04-22 | |
| CVE-2026-4468 json | Not Provided | 2026-03-20 | 2026-03-20 | |
| CVE-2026-4467 json | Not Provided | 2026-03-20 | 2026-03-20 | |
| CVE-2026-4466 json | Not Provided | 2026-03-20 | 2026-03-20 | |
| CVE-2023-38866 json | COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588. Attackers can send POST request... | 9.8 - CRITICAL | 2023-08-15 | 2023-08-22 |
| CVE-2023-38865 json | COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request... | 9.8 - CRITICAL | 2023-08-15 | 2023-08-22 |
| CVE-2023-38864 json | An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in t... | 9.8 - CRITICAL | 2023-08-15 | 2023-08-22 |
| CVE-2023-38863 json | An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub... | 9.8 - CRITICAL | 2023-08-15 | 2023-08-22 |
| CVE-2023-38862 json | An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 ... | 9.8 - CRITICAL | 2023-08-15 | 2023-08-22 |
| CVE-2022-45725 json | Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitra... | 8.8 - HIGH | 2023-02-13 | 2023-08-08 |
| CVE-2022-45724 json | Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP... | 5.4 - MEDIUM | 2023-02-13 | 2023-08-08 |