CVE-2024-44466 | Comfast CF-XR11 2.7.2 HTTP POST Request /usr/bin/webmgnt sub_424CB4 iface command injection

Posted by Angelo Barbosa | Sep 11, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Comfast CF-XR11 2.7.2. This issue affects the function sub_424CB4 of the file /usr/bin/webmgnt of the component HTTP POST Request Handler. The manipulation of the argument iface leads to command injection.

The identification of this vulnerability is CVE-2024-44466. The attack may be initiated remotely. There is no exploit available.

CVE-2024-44466 | Comfast CF-XR11 2.7.2 HTTP POST Request /usr/bin/webmgnt sub_424CB4 iface command injection

Related Posts

CVE-2024-37542 | WpDevArt Responsive Image Gallery, Gallery Album Plugin up to 2.0.3 on WordPress authorization

CVE-2024-47836 | admidio up to 4.3.11 deserialization

CVE-2024-42748 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi setWiFiWpsCfg os command injection

CVE-2023-47548 | SoftLab Integrate Google Drive Plugin up to 1.3.2 on WordPress redirect