PT-2026-8310 · Comfast · Comfast Cf-N1 V2

Allanp0E · Published 2026-02-16 · Updated 2026-02-16 · CVE-2026-2534

CVSS v2.0: 6.5
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Comfast CF-N1 V2 version 2.6.0.2
Description: A remote command injection issue exists in Comfast CF-N1 V2 2.6.0.2. The issue is located in the sub 44AC4C function within the /cgi-bin/mbox-config file. Manipulation of the bandwidth argument in the 'ptest bandwidth' section of the file allows for remote code execution. The exploit for this issue has been publicly disclosed. The vendor was notified but did not respond.
Recommendations: For Comfast CF-N1 V2 version 2.6.0.2, as a temporary workaround, consider restricting access to the /cgi-bin/mbox-config file to minimize the risk of exploitation. Avoid using the bandwidth parameter in the affected API endpoint /cgi-bin/mbox-config?method=SET&section=ptest bandwidth until the issue is resolved.
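To check whether the workaround is holding, the following added example (not part of the advisory or of any vendor tooling) reviews web access logs for requests to the affected CGI. It assumes a reverse proxy or gateway in front of the device writes combined-format access logs; the management subnet, verdict names, underscore handling and sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

CGI_PATH = "/cgi-bin/mbox-config"   # path named in the advisory
SECTION = "ptest bandwidth"         # section name as printed in the advisory
MGMT_NET = ipaddress.ip_network("192.0.2.0/28")  # assumption: admin subnet

# Combined log format prefix: client ident user [time] "VERB target HTTP/x.y"
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "[A-Z]+ (.*) HTTP/[\d.]+"')

def classify(line):
    """Return 'ptest-bandwidth-set', 'cgi-access-outside-mgmt' or None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    client, target = m.groups()
    parts = urlsplit(target)
    if parts.path.rstrip("/") != CGI_PATH:
        return None
    query = parse_qs(parts.query, keep_blank_values=True)  # decodes %20 and '+'
    methods = {v.upper() for v in query.get("method", [])}
    # Assumption: an underscore-separated spelling is treated like the space form.
    sections = {v.replace("_", " ").strip().lower() for v in query.get("section", [])}
    if "SET" in methods and SECTION in sections:
        return "ptest-bandwidth-set"      # the write the advisory says to avoid
    try:
        inside = ipaddress.ip_address(client) in MGMT_NET
    except ValueError:
        inside = False                    # hostname or garbage: treat as outside
    return None if inside else "cgi-access-outside-mgmt"

def scan(lines):
    """Return (line_number, verdict) for every line that needs review."""
    hits = []
    for number, line in enumerate(lines, start=1):
        verdict = classify(line)
        if verdict:
            hits.append((number, verdict))
    return hits

# Constructed sample log lines (documentation address ranges, no real traffic).
SAMPLE_LOG = [
    '192.0.2.5 - - [16/Feb/2026:10:00:01 +0000] "GET /cgi-bin/mbox-config?method=GET&section=example HTTP/1.1" 200 312',
    '203.0.113.9 - - [16/Feb/2026:10:00:07 +0000] "GET /cgi-bin/mbox-config?method=GET&section=example HTTP/1.1" 200 312',
    '192.0.2.5 - - [16/Feb/2026:10:01:12 +0000] "POST /cgi-bin/mbox-config?method=SET&section=ptest%20bandwidth HTTP/1.1" 200 18',
    '198.51.100.7 - - [16/Feb/2026:10:02:30 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for number, verdict in scan(SAMPLE_LOG):
        print(number, verdict)
```

A SET against the affected section is flagged even from the management subnet, because the advisory says to avoid that endpoint entirely until a fix exists.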

Exploit

Fix

Command Injection

Special Elements Injection

Weakness Enumeration

Related Identifiers: CVE-2026-2534

Affected Products: Comfast Cf-N1 V2