{
  "id": "CVE-2023-38866",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-15T20:15:11.267",
  "lastModified": "2023-08-15T21:56:06.607",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter interface and display_name."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject2",
      "source": "cve@mitre.org"
    }
  ]
}