Primary

Context

Belkin F9K1122 Stack-Based Buffer Overflow Vulnerability

Vulnerability

A critical stack-based buffer overflow vulnerability has been identified in the Belkin F9K1122 router running firmware version 1.00.33. The issue arises in the 'formConnectionSetting' function within the '/goform/formConnectionSetting' file, where the 'max_Conn' and 'timeOut' arguments can be manipulated. This vulnerability allows remote attackers to execute arbitrary code by overwriting the stack with malicious payloads.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, allowing for arbitrary code execution on the affected device.

Reproduction

To reproduce this vulnerability, send a request to the '/goform/formConnectionSetting' endpoint with overly long 'max_Conn' and 'timeOut' parameters. The router will crash, indicating a successful exploitation of the buffer overflow condition.

Added: Jul 6, 2025, 7:17 PM

Updated: Jul 6, 2025, 7:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Belkin F9K1122 Stack-Based Buffer Overflow Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating