VYPR
Medium severity6.3NVD Advisory· Published Aug 28, 2025· Updated Apr 29, 2026

CVE-2025-9585

CVE-2025-9585

Description

A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilith_delete_pic_file of the file /usr/bin/webmgnt. This manipulation of the argument portal_delete_picname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.