Medium severity6.3NVD Advisory· Published Aug 28, 2025· Updated Apr 29, 2026
CVE-2025-9582
CVE-2025-9582
Description
A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntp_timezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used.
Affected products
2- cpe:2.3:o:comfast:cf-n1_firmware:2.6.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
4- github.com/ZZ2266/.github.io/tree/main/COMFAST/N1V2/ntp_timezonenvdExploitThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.