Which versions of Belkin F9K1122 are affected by CVE-2026-4566?

A critical remote code execution vulnerability affects Belkin F9K1122 routers with publicly available exploit code, allowing authenticated attackers to completely compromise affected devices.

Is there a public PoC exploit available for CVE-2026-4566?

Yes, a public proof-of-concept exploit is available for CVE-2026-4566. Prioritise patching immediately. EPSS: 0.0%.

Belkin F9K1122 CVE-2026-4566

Q: What is the CVSS score of CVE-2026-4566?

CVE-2026-4566 has a CVSS 4.0 base score of 7.4 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-14347 HIGH

Stack-based Buffer Overflow (CWE-121)

2026-03-23 VulDB

Buffer Overflow Stack Overflow

7.4

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Re-analysis Queued

Apr 29, 2026 - 22:22 vuln.today

cvss_changed

CVSS changed

Apr 29, 2026 - 22:22 NVD

8.8 (HIGH) 7.4 (HIGH)

PoC Detected

Mar 23, 2026 - 14:31 vuln.today

Public exploit code

EUVD ID Assigned

Mar 23, 2026 - 02:30 euvd

EUVD-2026-14347

Analysis Generated

Mar 23, 2026 - 02:30 vuln.today

CVE Published

Mar 23, 2026 - 01:30 nvd

HIGH 8.8

DescriptionNVD

A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Stack-based buffer overflow in Belkin F9K1122 firmware version 1.00.33 allows authenticated remote attackers to achieve complete system compromise through manipulation of the webpage parameter in the formWISP5G function. Public exploit code exists for this vulnerability and the vendor has not provided patches or responded to disclosure attempts. …

RemediationAI

Within 24 hours: Identify and inventory all Belkin F9K1122 devices on the network and restrict administrative access to trusted personnel only. Within 7 days: Implement network segmentation to isolate affected routers from critical systems and deploy WAF rules to block malicious formWISP5G requests. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-4566 vulnerability details – vuln.today

Back

Belkin F9K1122 CVE-2026-4566

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

Belkin F9K1122 CVE-2026-4566

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code