CVE-2025-9379
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-24

Last updated on: 2025-08-25

Assigner: VulDB

Description
A vulnerability was determined in Belkin AX1800 1.1.00.016. Affected by this vulnerability is an unknown functionality of the component Firmware Update Handler. This manipulation causes insufficient verification of data authenticity. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-24
Last Modified
2025-08-25
Generated
2026-06-16
AI Q&A
2025-08-24
EPSS Evaluated
2026-06-15
NVD
CVE-2025-9379
EUVD
EUVD-2025-25639
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
belkin ax1800 1.1.00.016
belkin ax1800 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-345 The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects the Belkin AX1800 WiFi 6 Router firmware version 1.1.00.016, specifically its Firmware Update Handler component. The router uses the CRC32 algorithm to verify the integrity of firmware updates, but CRC32 is inadequate because it is vulnerable to collisions. An attacker can craft malicious firmware that passes the CRC32 check, allowing them to upload unauthorized firmware. This leads to insufficient verification of data authenticity, enabling remote attackers to execute arbitrary code or cause denial of service on the device. [1, 2]

Impact Analysis

Exploitation of this vulnerability can compromise the confidentiality, integrity, and availability of the affected router. An attacker can remotely upload malicious firmware that appears legitimate, potentially gaining unauthorized control over the device, executing arbitrary code, or causing denial of service. This can disrupt network connectivity, expose sensitive data, or allow further attacks within the network. [1, 2]

Detection Guidance

Detection of this vulnerability involves identifying if the affected Belkin AX1800 router is running firmware version 1.1.00.016. Since the vulnerability is related to the firmware update handler's insufficient verification of data authenticity, direct detection commands are not provided. However, you can check the router's firmware version via its management interface or by querying the device using network scanning tools. For example, using SNMP or SSH (if available) to retrieve firmware version information. No specific commands for detecting exploitation or presence of malicious firmware are documented. [2]

Mitigation Strategies

Immediate mitigation steps include avoiding the use of the affected firmware version 1.1.00.016 on the Belkin AX1800 router. Since no patches or vendor responses are available, it is recommended to replace the affected device with an alternative product. Additionally, restrict remote access to the router's management interfaces to trusted networks only, and monitor for any unusual firmware update activity. No official mitigations or workarounds have been published. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9379. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart