CVE-2026-12814

Published
View on NVD ↗
CVSS v3
6.3
MEDIUM
CVSS v2
6.5
MEDIUM
Affected
1
PROJECT

Description

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=ping_config of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

0xcc12138/COMFAST-CF-WR631AX-Router-Backend-Command-Injection-RCE-Analysis-Report
0xcc12138/COMFAST-CF-WR631AX-Router-Backend-Command-Injection-RCE-Analysis-Report
OS command injection in COMFAST CF-WR631AX V3 router (firmware V2.7.0.8) via the `destination` parameter of the ping_config API endpoint in /usr/bin/webmgnt, leading to remote code execution as root.
GitHubGitHub