Belkin F9K1015 Command Injection Vulnerability

A command injection vulnerability has been identified in the Belkin F9K1015 router, specifically in version 1.00.10. The issue arises in the '/goform/mp' endpoint, where the 'command' parameter is processed without proper length validation. This oversight allows for arbitrary command execution on the device. Additionally, this vulnerability is accompanied by a buffer overflow issue, further complicating the device's security.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the affected router.

Reproduction

To reproduce this vulnerability, send a POST request to '/goform/mp' with a crafted 'command' parameter. The absence of length checks on the 'command' parameter enables both command injection and buffer overflow. The command injection can be demonstrated by using a command that, for example, pings an external IP address. The buffer overflow can be triggered by sending a 'command' value that exceeds the buffer's capacity, such as a long string of repeated characters.