Stack-based Buffer Overflow in Belkin F9K1122 Router
CVE-2025-7090
Key Information:
Badges
What is CVE-2025-7090?
A vulnerability has been identified in the Belkin F9K1122 router, specifically in the formConnectionSetting function within the /goform/formConnectionSetting file. By manipulating the arguments max_Conn or timeOut, attackers can exploit a stack-based buffer overflow. This vulnerability can be remotely exploited, posing significant risk to users. The issue was disclosed publicly, raising concerns about potential attacks targeting this flaw. Despite an early notification, the vendor did not respond to requests for remediation details.
Affected Version(s)
F9K1122 1.00.33
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved