CVE-2023-38865

Publication date

2023-08-15 00:00:00

Family

mitre

State

PUBLISHED

Description

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr.