CVE-2026-5043
Received Received - Intake
Stack-Based Buffer Overflow in Belkin F9K1122 Parameter Handler

Publication date: 2026-03-29

Last updated on: 2026-03-30

Assigner: VulDB

Description
A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the file /goform/formSetPassword of the component Parameter Handler. This manipulation of the argument webpage causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-29
Last Modified
2026-03-30
Generated
2026-06-16
AI Q&A
2026-03-29
EPSS Evaluated
2026-06-15
NVD
CVE-2026-5043
EUVD
EUVD-2026-16989
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
belkin f9k1122_firmware 1.00.33
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-5043 is a stack-based buffer overflow vulnerability in the Belkin F9K1122 router firmware version 1.00.33. It occurs in the formSetPassword function of the web interface, specifically when processing a user-supplied parameter named "webpage". The function copies this parameter into a fixed-size buffer without checking its length, allowing an attacker to overflow the buffer.

This overflow can be triggered remotely by sending a specially crafted HTTP POST request to the /goform/formSetPassword endpoint with an excessively long "webpage" parameter.

Impact Analysis

Exploiting this vulnerability can lead to denial of service (DoS) or remote code execution (RCE) on the affected device.

An attacker can remotely send a malicious request to the router to crash it or execute arbitrary code, potentially taking control of the device.

Detection Guidance

This vulnerability can be detected by monitoring for HTTP POST requests sent to the /goform/formSetPassword endpoint containing an unusually large or excessively long "webpage" parameter.

A practical detection method is to capture and analyze network traffic for such suspicious POST requests.

  • Use a network packet capture tool like tcpdump or Wireshark to filter HTTP POST requests to /goform/formSetPassword.
  • Example tcpdump command to capture relevant traffic: tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '/goform/formSetPassword'
  • Use curl or similar tools to test the endpoint by sending a POST request with a large "webpage" parameter to see if the device responds abnormally.
Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable endpoint and monitoring for exploit attempts.

  • Block or filter incoming HTTP POST requests to /goform/formSetPassword from untrusted networks using firewall rules.
  • Disable remote management of the router's web interface if possible.
  • Monitor network traffic for suspicious POST requests with large "webpage" parameters.
  • If available, update the router firmware to a version that addresses this vulnerability (note: vendor did not respond, so check for any unofficial patches or mitigations).
Compliance Impact

The CVE-2026-5043 vulnerability in the Belkin F9K1122 router allows remote exploitation via a stack-based buffer overflow, potentially leading to denial of service or remote code execution. Such vulnerabilities can compromise the confidentiality, integrity, and availability of data processed or transmitted by the affected device.

While the provided information does not explicitly mention compliance with standards like GDPR or HIPAA, the presence of a critical remote code execution vulnerability in a network device could lead to unauthorized access or data breaches. This, in turn, may result in non-compliance with regulations that require protection of personal or sensitive data.

Therefore, organizations using the affected Belkin F9K1122 router firmware version 1.00.33 should consider this vulnerability a risk to regulatory compliance and take appropriate mitigation steps.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5043. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart