ID

VAR-202604-0670


CVE

CVE-2026-5608


TITLE

Belkin International of F9K1122  Multiple vulnerabilities in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2026-013824

DESCRIPTION

A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2026-5608 // JVNDB: JVNDB-2026-013824

AFFECTED PRODUCTS

vendor:belkinmodel:f9k1122scope:eqversion:1.00.33

Trust: 1.0

vendor:belkinmodel:f9k1122scope: - version: -

Trust: 0.8

vendor:belkinmodel:f9k1122scope:eqversion: -

Trust: 0.8

vendor:belkinmodel:f9k1122scope:eqversion:f9k1122 firmware 1.00.33

Trust: 0.8

sources: JVNDB: JVNDB-2026-013824 // NVD: CVE-2026-5608

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2026-5608
value: HIGH

Trust: 1.0

OTHER: JVNDB-2026-013824
value: HIGH

Trust: 0.8

cna@vuldb.com: CVE-2026-5608
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2026-013824
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

cna@vuldb.com: CVE-2026-5608
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2026-013824
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2026-013824 // NVD: CVE-2026-5608

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:CWE-119

Trust: 1.0

problemtype:Buffer error (CWE-119) [ others ]

Trust: 0.8

problemtype: Stack-based buffer overflow (CWE-121) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2026-013824 // NVD: CVE-2026-5608

PATCH

title://vuldb.com/vuln/355399url:https://github.com/Litengzheng/vul_db/blob/main/Belkin/vul_80/README.md

Trust: 0.8

sources: JVNDB: JVNDB-2026-013824

EXTERNAL IDS

db:NVDid:CVE-2026-5608

Trust: 2.6

db:JVNDBid:JVNDB-2026-013824

Trust: 0.8

sources: JVNDB: JVNDB-2026-013824 // NVD: CVE-2026-5608

REFERENCES

url:https://vuldb.com/submit/785315

Trust: 1.0

url:https://vuldb.com/vuln/355399/cti

Trust: 1.0

url:https://github.com/litengzheng/vul_db/blob/main/belkin/vul_80/readme.md

Trust: 1.0

url:https://vuldb.com/vuln/355399

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2026-5608

Trust: 0.8

sources: JVNDB: JVNDB-2026-013824 // NVD: CVE-2026-5608

SOURCES

db:JVNDBid:JVNDB-2026-013824
db:NVDid:CVE-2026-5608

LAST UPDATE DATE

2026-06-19T23:19:13.462000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2026-013824date:2026-05-01T01:44:00
db:NVDid:CVE-2026-5608date:2026-04-30T13:46:56.423

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2026-013824date:2026-05-01T00:00:00
db:NVDid:CVE-2026-5608date:2026-04-06T01:16:40.367