CVE-2025-9585 | Comfast CF-N1 2.6.0 /usr/bin/webmgnt wifilith_delete_pic_file portal_delete_picname command injection

Inserito da Angelo Barbosa | Ago 28, 2025 | CVE

A vulnerability was found in Comfast CF-N1 2.6.0. It has been classified as critical. This affects the function wifilith_delete_pic_file of the file /usr/bin/webmgnt. This manipulation of the argument portal_delete_picname causes command injection.

This vulnerability is tracked as CVE-2025-9585. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2025-9585 | Comfast CF-N1 2.6.0 /usr/bin/webmgnt wifilith_delete_pic_file portal_delete_picname command injection

Post correlati

CVE-2023-50436 | Couchbase Server up to 7.2.3 log file

CVE-2024-28583 | FreeImage 3.19.0 r1909 XPM Image readLine buffer overflow

CVE-2025-11171 | Chartify Plugin up to 3.5.9 on WordPress missing authentication

CVE-2024-13687 | labibahmed42 Team Builder Plugin up to 1.3 on WordPress Setting save_team_builder_options authorization