CVE-2026-5043
Stack-Based Buffer Overflow in Belkin F9K1122 Parameter Handler
Publication date: 2026-03-29
Last updated on: 2026-03-30
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| belkin | f9k1122_firmware | 1.00.33 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-5043 is a stack-based buffer overflow vulnerability in the Belkin F9K1122 router firmware version 1.00.33. It occurs in the formSetPassword function of the web interface, specifically when processing a user-supplied parameter named "webpage". The function copies this parameter into a fixed-size buffer without checking its length, allowing an attacker to overflow the buffer.
This overflow can be triggered remotely by sending a specially crafted HTTP POST request to the /goform/formSetPassword endpoint with an excessively long "webpage" parameter.
How can this vulnerability impact me? :
Exploiting this vulnerability can lead to denial of service (DoS) or remote code execution (RCE) on the affected device.
An attacker can remotely send a malicious request to the router to crash it or execute arbitrary code, potentially taking control of the device.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for HTTP POST requests sent to the /goform/formSetPassword endpoint containing an unusually large or excessively long "webpage" parameter.
A practical detection method is to capture and analyze network traffic for such suspicious POST requests.
- Use a network packet capture tool like tcpdump or Wireshark to filter HTTP POST requests to /goform/formSetPassword.
- Example tcpdump command to capture relevant traffic: tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep '/goform/formSetPassword'
- Use curl or similar tools to test the endpoint by sending a POST request with a large "webpage" parameter to see if the device responds abnormally.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable endpoint and monitoring for exploit attempts.
- Block or filter incoming HTTP POST requests to /goform/formSetPassword from untrusted networks using firewall rules.
- Disable remote management of the router's web interface if possible.
- Monitor network traffic for suspicious POST requests with large "webpage" parameters.
- If available, update the router firmware to a version that addresses this vulnerability (note: vendor did not respond, so check for any unofficial patches or mitigations).
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The CVE-2026-5043 vulnerability in the Belkin F9K1122 router allows remote exploitation via a stack-based buffer overflow, potentially leading to denial of service or remote code execution. Such vulnerabilities can compromise the confidentiality, integrity, and availability of data processed or transmitted by the affected device.
While the provided information does not explicitly mention compliance with standards like GDPR or HIPAA, the presence of a critical remote code execution vulnerability in a network device could lead to unauthorized access or data breaches. This, in turn, may result in non-compliance with regulations that require protection of personal or sensitive data.
Therefore, organizations using the affected Belkin F9K1122 router firmware version 1.00.33 should consider this vulnerability a risk to regulatory compliance and take appropriate mitigation steps.