Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Comfast — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting Comfast. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Comfast manufactures networking equipment, primarily focusing on affordable Wi-Fi routers and access points for home and small office use. Historically, their products have been vulnerable to multiple remote code execution flaws, cross-site scripting, and privilege escalation vulnerabilities, often stemming from hardcoded credentials, insufficient input validation, and insecure firmware updates. The company has faced scrutiny for poor security practices, with 16 CVEs recorded, many allowing unauthorized device access or complete network compromise. Security researchers have frequently highlighted their products' susceptibility to attacks due to inadequate patch management and weak default configurations, making them common targets in botnet recruitment campaigns.

Top products by Comfast: CF-N1 CF-AC100 CF-E7 CF-N1 V2 CF-E4 CF-N1-S
CVE IDTitleCVSSSeverityPublished
CVE-2026-6799 Comfast CF-N1-S Endpoint mbox-config command injection — CF-N1-SCWE-77 6.3 Medium2026-04-21
CVE-2026-4468 Comfast CF-AC100 mbox-config command injection — CF-AC100CWE-77 4.7 Medium2026-03-20
CVE-2026-4467 Comfast CF-AC100 mbox-config command injection — CF-AC100CWE-77 4.7 Medium2026-03-20
CVE-2026-4466 Comfast CF-AC100 mbox-config command injection — CF-AC100CWE-77 4.7 Medium2026-03-20
CVE-2026-3798 Comfast CF-AC100 Request Path mbox-config sub_44AC14 command injection — CF-AC100CWE-77 4.7 Medium2026-03-09
CVE-2026-2824 Comfast CF-E7 webmggnt mbox-config sub_441CF4 command injection — CF-E7CWE-77 6.3 Medium2026-02-20
CVE-2026-2823 Comfast CF-E7 webmggnt mbox-config sub_41ACCC command injection — CF-E7CWE-77 6.3 Medium2026-02-20
CVE-2026-2537 Comfast CF-E4 HTTP POST Request mbox-config command injection — CF-E4CWE-77 4.7 Medium2026-02-16
CVE-2026-2535 Comfast CF-N1 V2 mbox-config sub_44AB9C command injection — CF-N1 V2CWE-77 6.3 Medium2026-02-16
CVE-2026-2534 Comfast CF-N1 V2 mbox-config sub_44AC4C command injection — CF-N1 V2CWE-77 6.3 Medium2026-02-16
CVE-2025-9586 Comfast CF-N1 webmgnt wireless_device_dissoc command injection — CF-N1CWE-77 6.3 Medium2025-08-28
CVE-2025-9585 Comfast CF-N1 webmgnt wifilith_delete_pic_file command injection — CF-N1CWE-77 6.3 Medium2025-08-28
CVE-2025-9584 Comfast CF-N1 webmgnt update_interface_png command injection — CF-N1CWE-77 6.3 Medium2025-08-28
CVE-2025-9583 Comfast CF-N1 webmgnt ping_config command injection — CF-N1CWE-77 6.3 Medium2025-08-28
CVE-2025-9582 Comfast CF-N1 webmgnt ntp_timezone command injection — CF-N1CWE-77 6.3 Medium2025-08-28
CVE-2025-9581 Comfast CF-N1 webmgnt multi_pppoe command injection — CF-N1CWE-77 6.3 Medium2025-08-28

This page lists every published CVE security advisory associated with Comfast. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.