CVE-2025-9584 | Comfast CF-N1 2.6.0 /usr/bin/webmgnt update_interface_png interface/display_name command injection

A vulnerability was found in Comfast CF-N1 2.6.0 and classified as critical. Affected by this issue is the function update_interface_png of the file /usr/bin/webmgnt. The manipulation of the argument interface/display_name results in command injection.

This vulnerability is identified as CVE-2025-9584. The attack can be executed remotely. Additionally, an exploit exists.