Comfast Cf Ac100 Firmware Security Vulnerabilities in 2026

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Comfast Cf Ac100 Firmware.

By the Year

In 2026 there have been 3 vulnerabilities in Comfast Cf Ac100 Firmware with an average score of 4.7 out of ten.

Year	Vulnerabilities	Average Score
2026	3	4.70

It may take a day or so for new Cf Ac100 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Comfast Cf Ac100 Firmware Security Vulnerabilities

Comfast CF-AC100 2.6.0.8 Remote Cmd Injection via /cgi-bin/mbox-config
CVE-2026-4468 4.7 - Medium - March 20, 2026

A vulnerability was determined in Comfast CF-AC100 2.6.0.8. Affected is an unknown function of the file /cgi-bin/mbox-config?method=SET&section=update_interface_png. This manipulation causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection

Comfast CF-AC100 2.6.0.8 RCE via /cgi-bin/mbox-config command injection
CVE-2026-4467 4.7 - Medium - March 20, 2026

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wireless_device_dissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection

CMDINJ in Comfast CF-AC100 2.6.0.8 via /cgi-bin/mbox-config
CVE-2026-4466 4.7 - Medium - March 20, 2026

A vulnerability has been found in Comfast CF-AC100 2.6.0.8. This affects an unknown function of the file /cgi-bin/mbox-config?method=SET&section=ntp_timezone. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Command Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Comfast Cf Ac100 Firmware or by Comfast? Click the Watch button to subscribe.

Comfast
Vendor

Comfast Cf Ac100 Firmware
Product

Comfast Cf Ac100 Firmware

Don't miss out!

By the Year

Recent Comfast Cf Ac100 Firmware Security Vulnerabilities

Comfast CF-AC100 2.6.0.8 Remote Cmd Injection via /cgi-bin/mbox-config CVE-2026-4468 4.7 - Medium - March 20, 2026

Comfast CF-AC100 2.6.0.8 RCE via /cgi-bin/mbox-config command injection CVE-2026-4467 4.7 - Medium - March 20, 2026

CMDINJ in Comfast CF-AC100 2.6.0.8 via /cgi-bin/mbox-config CVE-2026-4466 4.7 - Medium - March 20, 2026

Stay on top of Security Vulnerabilities

Comfast Vendor

Comfast Cf Ac100 FirmwareProduct

Comfast CF-AC100 2.6.0.8 Remote Cmd Injection via /cgi-bin/mbox-config
CVE-2026-4468 4.7 - Medium - March 20, 2026

Comfast CF-AC100 2.6.0.8 RCE via /cgi-bin/mbox-config command injection
CVE-2026-4467 4.7 - Medium - March 20, 2026

CMDINJ in Comfast CF-AC100 2.6.0.8 via /cgi-bin/mbox-config
CVE-2026-4466 4.7 - Medium - March 20, 2026

Comfast
Vendor

Comfast Cf Ac100 Firmware
Product