VYPR

CF-E7

by Comfast

CVEs (2)

  • CVE-2026-2824MedFeb 20, 2026
    risk 0.41cvss 6.3epss 0.11

    A flaw has been found in Comfast CF-E7 2.6.0.9. This affects the function sub_441CF4 of the file /cgi-bin/mbox-config?method=SET&section=ping_config of the component webmggnt. Executing a manipulation of the argument destination can lead to command injection. The attack may be…

  • CVE-2026-2823MedFeb 20, 2026
    risk 0.41cvss 6.3epss 0.16

    A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub_41ACCC of the file /cgi-bin/mbox-config?method=SET&section=ntp_timezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The…