EUVD-2026-19182
GHSA-m47x-pvpv-3jg6
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3Tags
Description
A vulnerability was detected in Belkin F9K1015 1.00.10. The affected element is the function formSetFirewall of the file /goform/formSetFirewall. The manipulation of the argument webpage results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis
Stack-based buffer overflow in Belkin F9K1015 wireless router firmware 1.00.10 enables authenticated remote attackers to achieve complete device compromise via the formSetFirewall firewall configuration function. The vulnerability has publicly available exploit code and carries an EPSS exploitation probability that warrants attention, though no active exploitation has been confirmed by CISA KEV at time of analysis. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all F9K1015 devices across network segments and document firmware versions; disable remote administration if enabled. Within 7 days: Isolate or remove F9K1015 devices from production networks, or restrict firewall configuration access to trusted internal networks only. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today