EUVD-2026-19152
GHSA-7rxh-cwgm-8354
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Description
A vulnerability was found in Belkin F9K1015 1.00.10. This affects the function formCrossBandSwitch of the file /goform/formCrossBandSwitch. Performing a manipulation of the argument webpage results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis
Stack-based buffer overflow in Belkin F9K1015 wireless router firmware version 1.00.10 allows authenticated remote attackers to achieve arbitrary code execution with high confidentiality, integrity, and availability impact. The vulnerability resides in the formCrossBandSwitch function accessible via /goform/formCrossBandSwitch endpoint, where unsanitized input to the 'webpage' parameter triggers memory corruption. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Audit all Belkin F9K1015 devices in production and create an inventory by firmware version; immediately isolate or restrict network access to affected routers (v1.00.10) to administrative personnel only. Within 7 days: Contact Belkin support to determine if patched firmware versions exist for this model; if unavailable, evaluate replacing the F9K1015 with alternative router hardware from vendors with active security support, or implement network segmentation to minimize exposure. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today