CVE-2026-5043
Last modified
CVE-2026-5043 is a high-severity vulnerability rated 7.4/10 on the CVSS scale. A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the file /goform/formSetPassword of the component Parameter Handler. EPSS estimates a 0.79% chance of exploitation in the next 30 days.
Description
A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the file /goform/formSetPassword of the component Parameter Handler. This manipulation of the argument webpage causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Belkin | F9k1122 Firmware | 1.00.33 |
References
- https://github.com/Litengzheng/vul_db/blob/main/Belkin/vul_154/README.mdExploit, Third Party Advisory
- https://vuldb.com/submit/779124Third Party Advisory, VDB Entry
- https://vuldb.com/vuln/353966Third Party Advisory, VDB Entry
- https://vuldb.com/vuln/353966/ctiPermissions Required, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-5043?
How severe is CVE-2026-5043?
How do I fix CVE-2026-5043?
Are you affected by CVE-2026-5043?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST