CVE-2026-5610
Received Received - Intake
Stack-Based Buffer Overflow in Belkin F9K1015 formWISP5G

Publication date: 2026-04-06

Last updated on: 2026-04-30

Assigner: VulDB

Description
A vulnerability has been found in Belkin F9K1015 1.00.10. Affected by this issue is the function formWISP5G of the file /goform/formWISP5G. Such manipulation of the argument webpage leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-06
Last Modified
2026-04-30
Generated
2026-06-16
AI Q&A
2026-04-06
EPSS Evaluated
2026-06-15
NVD
CVE-2026-5610
EUVD
EUVD-2026-19150
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
belkin f9k1015_firmware 1.00.10
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify any direct impact of the CVE-2026-5610 vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-5610 is a stack-based buffer overflow vulnerability found in the Belkin F9K1015 router firmware version 1.00.10. It occurs in the formWISP5G function of the router's web interface, specifically when processing a user-supplied parameter named "webpage."

The vulnerability arises because the "webpage" parameter is copied into a fixed-size buffer on the stack without proper length validation, using the unsafe strcpy function. This allows an attacker to overflow the buffer by sending a specially crafted HTTP POST request to the /goform/formWISP5G endpoint.

Exploitation of this flaw can lead to denial of service or remote code execution on the affected device.

Impact Analysis

This vulnerability can have serious impacts including denial of service and remote code execution on the affected Belkin F9K1015 router.

  • Denial of Service (DoS): An attacker can crash the router or disrupt its normal operation by exploiting the buffer overflow.
  • Remote Code Execution (RCE): An attacker may execute arbitrary code remotely, potentially gaining control over the router.
  • Compromise of Network Security: With control over the router, an attacker could intercept, modify, or redirect network traffic.
Detection Guidance

This vulnerability can be detected by monitoring for suspicious HTTP POST requests sent to the /goform/formWISP5G endpoint on the Belkin F9K1015 router. Specifically, look for POST requests containing an unusually large payload in the "webpage" parameter, which is used to trigger the stack-based buffer overflow.

A practical detection method is to capture network traffic and filter for POST requests to /goform/formWISP5G with large "webpage" parameter values.

  • Use a network packet capture tool like tcpdump or Wireshark to monitor traffic.
  • Example tcpdump command to capture relevant HTTP POST requests: tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep -i 'POST /goform/formWISP5G'
  • Alternatively, use curl or similar tools to test the endpoint by sending a crafted POST request with a large "webpage" parameter payload to check if the device responds abnormally.
Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable endpoint and limiting exposure of the affected device to untrusted networks.

Specifically:

  • Block or filter incoming HTTP POST requests to /goform/formWISP5G at the network perimeter or firewall.
  • Restrict management access to the Belkin F9K1015 router to trusted internal networks only.
  • Monitor the device for unusual behavior or crashes that may indicate exploitation attempts.
  • Since the vendor has not responded with a patch, consider isolating or replacing the affected device if possible.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5610. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart