CVE-2025-8730
BaseFortify
Publication date: 2025-08-08
Last updated on: 2025-08-08
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| belkin | f9k1010 | 2.00.04 |
| belkin | f9k1010 | 2.00.09 |
| belkin | f9k1009 | 2.00.09 |
| belkin | f9k1009 | 2.00.04 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-259 | The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components. |
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the web interface of Belkin F9K1009 and F9K1010 devices (versions 2.00.04 and 2.00.09). It involves hard-coded credentials that can be exploited remotely, allowing an attacker to gain unauthorized access without needing any privileges or user interaction. The vulnerability is classified as critical and the exploit has been publicly disclosed.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to remotely access the affected devices using hard-coded credentials, potentially leading to full compromise of the device. This can result in unauthorized control, data theft, disruption of services, or further attacks on the network where the device is deployed.