Improper Input Validation in Comfast Router CF-WR6110N
CVE-2022-45725

8.8HIGH

Key Information:

Vendor: Comfast
Status: Cf-wr610n Firmware
Vendor: CVE Published:; 13 February 2023

What is CVE-2022-45725?

The Comfast CF-WR6110N router version V2.3.1 is susceptible to a significant vulnerability due to improper input validation. This flaw can be exploited by an attacker on the same local network, allowing them to send crafted HTTP POST requests that may lead to the execution of arbitrary code. This presents a serious threat as it compromises the router's integrity and the security of the entire network, necessitating prompt attention and remediation.

References

http://cf-wr6110n.com

http://comfast.com

http://sn0ox.com/research/2023/02/05/CVE-COMFAST-CF-WR610...

EPSS Score

8% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 13, 2023
Vulnerability Reserved
Nov 21, 2022

CVE-2022-45725 Data

JSON