CVE-2022-45725

HIGH

Published Feb 13, 20233y ago · Modified Jun 17, 20261w ago

8.8 CVSS 3.1

High

Published Feb 13, 2023 3y ago

Last Modified Jun 17, 2026 1w ago

Description

Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request

CVSS Details

Base Score

8.8

Exploitability

2.8

Impact

5.9

Vector string

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector Adjacent

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status

Public Exploit Known

No Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 2

Vendor	Product	Version	Range
comfast	cf-wr610n_firmware	2.3.1	any
comfast	cf-wr610n	*	any

References 3

cf-wr6110n.com http://cf-wr6110n.com

Broken Link
comfast.com http://comfast.com

Broken Link
sn0ox.com http://sn0ox.com/research/2023/02/05/CVE-COMFAST-CF-WR610N.html

ExploitThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.