CVE-2025-11299
Published: 05 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-11299 is a buffer overflow vulnerability in Belkin F9K1015 firmware version 1.00.10. The flaw affects an unknown function within the /goform/formWanTcpipSetup file, where manipulation of the pppUserName argument triggers the overflow. Published on 2025-10-05, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-119 and CWE-120.
The vulnerability enables remote exploitation by attackers possessing low privileges. No user interaction is required, and attacks have low complexity. Successful exploitation can result in high impacts to confidentiality, integrity, and availability, potentially allowing arbitrary code execution or denial of service on the affected device.
Advisories from VulDB indicate the vendor was contacted early but provided no response, with no patches or official mitigations available. A proof-of-concept exploit is publicly hosted on GitHub, increasing the risk of active misuse.
The exploit is publicly available and might be used in real-world attacks, though no confirmed in-the-wild exploitation has been reported in the provided details.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in the public-facing web management interface (/goform/formWanTcpipSetup) via pppUserName parameter enables remote exploitation for initial access, directly facilitating Exploit Public-Facing Application.