CVE-2025-11295
Published: 05 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-11295 is a buffer overflow vulnerability in the Belkin F9K1015 router running firmware version 1.00.10. The flaw resides in the /goform/formPPPoESetup CGI endpoint, where manipulation of the pppUserName argument triggers the overflow. This issue corresponds to CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-120 (Buffer Copy without Checking Size of Input).
Attackers with low privileges can exploit this vulnerability remotely over the network with low complexity and no user interaction required, as indicated by its CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). Successful exploitation enables high-impact confidentiality, integrity, and availability violations, potentially allowing arbitrary code execution on the device.
No patches or mitigations are available, as the vendor was contacted early about the disclosure but did not respond. A proof-of-concept exploit has been published on GitHub, increasing the risk of active exploitation.
The published exploit may already be in use by attackers targeting exposed Belkin F9K1015 devices.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow vulnerability in the public-facing web interface (/goform/formPPPoESetup) via pppUserName parameter enables remote exploitation for initial access.