Comfast CF-AC100 Command Injection Vulnerability in V2.6.0.8
Vulnerability
A command injection vulnerability exists in the Comfast CF-AC100 router running firmware version 2.6.0.8. The issue lies in the handler for the request path '/cgi-bin/mbox-config?method=SET&section=ping_config', where the 'destination' field is not properly validated before it is used. This flaw allows a remote, authenticated attacker to execute arbitrary commands on the device by sending a crafted HTTP POST request. Exploitation requires authentication and the presence of specific cookies.
Impact
Exploitation of this vulnerability allows for arbitrary command execution on the affected device.
Reproduction
To reproduce this vulnerability, send a POST request to '/cgi-bin/mbox-config?method=SET&section=ping_config' whose 'destination' field contains the command to be executed. The request must include a valid session cookie so that it is authenticated.
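A constructed hardening example (added here; not the vendor's firmware code) for a handler of this shape, assuming the ping_config handler ultimately runs ping against the submitted 'destination': the field is validated as a hostname or IP literal and then passed as a single argv element, so no shell ever parses it.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed example of the two controls that remove this class of bug:
 * strict validation of 'destination' and passing it as one argv element
 * instead of interpolating it into a shell command string. */

#define MAX_DEST 253  /* maximum length of a DNS hostname */

/* Accept only characters that can appear in a hostname or an IP literal.
 * Shell metacharacters (';', '|', '&', '`', '$', spaces, quotes, newlines)
 * are rejected, so "8.8.8.8;reboot" never reaches a command line. */
int is_valid_ping_destination(const char *dst)
{
    size_t len;
    if (dst == NULL) return 0;
    len = strlen(dst);
    if (len == 0 || len > MAX_DEST) return 0;
    if (dst[0] == '-') return 0;  /* would otherwise be parsed as a ping option */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)dst[i];
        if (!(isalnum(c) || c == '.' || c == '-' || c == ':')) return 0;
    }
    return 1;
}

/* Build an argv vector for execvp()-style execution: the destination is a
 * single argument, never part of a shell string. Returns argc or -1 on
 * rejection. The caller is expected to fork/exec with this vector. */
int build_ping_argv(const char *dst, const char *argv[], int max_args)
{
    if (max_args < 5 || !is_valid_ping_destination(dst)) return -1;
    argv[0] = "ping";
    argv[1] = "-c";
    argv[2] = "4";
    argv[3] = dst;
    argv[4] = NULL;
    return 4;
}

int main(void)
{
    /* Constructed sample inputs: two valid targets, one IPv6 literal,
     * one injection attempt and one option-injection attempt. */
    const char *samples[] = { "8.8.8.8", "router.example.com", "2001:db8::1",
                              "8.8.8.8;reboot", "-f" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-20s -> %s\n", samples[i],
               is_valid_ping_destination(samples[i]) ? "accepted" : "rejected");
    return 0;
}
```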
