CVE-2025-11297
Published: 05 October 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-11297 is a buffer overflow vulnerability in the Belkin F9K1015 router running firmware version 1.00.10. The issue resides in the processing of the /goform/formSetLanguage endpoint, where manipulation of the "webpage" argument triggers the overflow. This flaw is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-120 (Buffer Copy without Checking Size of Input), with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
The vulnerability can be exploited remotely by an attacker with low privileges (PR:L), such as an authenticated user on the device. Successful exploitation allows arbitrary code execution, potentially granting high-impact confidentiality, integrity, and availability compromises, including full device takeover.
No patches or mitigations are available, as the vendor was contacted early for disclosure but provided no response. References include proof-of-concept exploit details on GitHub and entries on VulDB documenting the issue.
The exploit has been publicly disclosed, including a POC on GitHub, increasing the risk of active exploitation against unpatched Belkin F9K1015 devices.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Remote buffer overflow in public-facing web endpoint (/goform/formSetLanguage) enables exploitation of public-facing application (T1190) and application/system exploitation for denial of service (T1499.004).