CVE-2025-11301
Published: 05 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-11301 is a buffer overflow vulnerability in the Belkin F9K1015 router running firmware version 1.00.10. The flaw affects an unknown function in the /goform/formWlanSetupWPS file, where manipulation of the "webpage" argument triggers the overflow. It is classified under CWE-119 and CWE-120, with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
The vulnerability enables remote exploitation by an attacker possessing low privileges, such as a authenticated user on the network. Successful exploitation can result in high impacts to confidentiality, integrity, and availability, potentially allowing arbitrary code execution or full device compromise.
Advisories from VulDB (ctiid.327182, id.327182) and related submissions document the issue, while a proof-of-concept exploit is publicly available on GitHub at https://github.com/panda666-888/vuls/blob/main/belkin/f9k1015/formWlanSetupWPS.md and the #poc section. The vendor was contacted early regarding disclosure but provided no response, and no patches or mitigations are referenced.
The exploit's public availability increases the risk of real-world attacks against unpatched devices.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in the public-facing web interface (/goform/formWlanSetupWPS) of Belkin F9K1015 router enables remote exploitation for initial access, with public PoC available.