F9K1015 Firmware
Monthly
Stack-based buffer overflow in Belkin F9K1015 wireless router firmware 1.00.10 enables authenticated remote attackers to achieve complete device compromise via the formSetFirewall firewall configuration function. The vulnerability has publicly available exploit code and carries an EPSS exploitation probability that warrants attention, though no active exploitation has been confirmed by CISA KEV at time of analysis. The vendor (Belkin) was notified but did not respond, leaving legacy hardware users without an official remediation path.
Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the command argument in the /goform/mp endpoint. The vulnerability requires valid user credentials but offers minimal impact due to restricted capabilities (low confidentiality, integrity, and availability effects). Publicly available exploit code exists, though EPSS scoring (0.20%) indicates limited real-world exploitation probability despite public availability.
Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the m_wan_ipaddr parameter in the /goform/formSetWanStatic endpoint. The vulnerability has publicly available exploit code and has been disclosed despite vendor non-responsiveness. With a CVSS score of 2.1 and EPSS percentile of 42%, real-world risk is low due to authentication requirement and limited impact scope, though the public POC and command injection nature warrant monitoring.
Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the wan_ipaddr parameter in the /goform/formBSSetSitesurvey endpoint. The vulnerability requires valid credentials and has limited scope (low confidentiality, integrity, and availability impact on the vulnerable component), but publicly available exploit code exists and the vendor has not responded to disclosure efforts.
Stack-based buffer overflow in Belkin F9K1015 wireless router firmware 1.00.10 enables authenticated remote attackers to achieve complete device compromise via the formSetFirewall firewall configuration function. The vulnerability has publicly available exploit code and carries an EPSS exploitation probability that warrants attention, though no active exploitation has been confirmed by CISA KEV at time of analysis. The vendor (Belkin) was notified but did not respond, leaving legacy hardware users without an official remediation path.
Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the command argument in the /goform/mp endpoint. The vulnerability requires valid user credentials but offers minimal impact due to restricted capabilities (low confidentiality, integrity, and availability effects). Publicly available exploit code exists, though EPSS scoring (0.20%) indicates limited real-world exploitation probability despite public availability.
Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the m_wan_ipaddr parameter in the /goform/formSetWanStatic endpoint. The vulnerability has publicly available exploit code and has been disclosed despite vendor non-responsiveness. With a CVSS score of 2.1 and EPSS percentile of 42%, real-world risk is low due to authentication requirement and limited impact scope, though the public POC and command injection nature warrant monitoring.
Command injection in Belkin F9K1015 firmware 1.00.10 allows authenticated remote attackers to execute arbitrary commands via manipulation of the wan_ipaddr parameter in the /goform/formBSSetSitesurvey endpoint. The vulnerability requires valid credentials and has limited scope (low confidentiality, integrity, and availability impact on the vulnerable component), but publicly available exploit code exists and the vendor has not responded to disclosure efforts.