CVE-2026-5043
Published: 29 March 2026
Summary
CVE-2026-5043 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Belkin F9K1122 Firmware. Its CVSS base score is 7.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 48.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2026-5043 is a stack-based buffer overflow vulnerability in the formSetPassword function within the /goform/formSetPassword file of the Parameter Handler component on the Belkin F9K1122 router running firmware version 1.00.33. The flaw arises from manipulation of the "webpage" argument, enabling remote exploitation. It is associated with CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-121 (Stack-based Buffer Overflow), and CWE-787 (Out-of-bounds Write), and carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
An attacker with low privileges, such as an authenticated user with network access to the device, can remotely exploit this vulnerability with low complexity and no user interaction required. Successful exploitation allows high-impact consequences, including unauthorized access to confidential data, modification of system integrity, and denial of service through availability disruption, potentially leading to full remote code execution on the affected router.
Advisories from sources like VulDB indicate that the vendor was contacted early regarding this issue but provided no response, with no patches or mitigations released. An exploit is publicly available via a GitHub repository, increasing the risk of active attacks against unpatched devices.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-16989
Vulnerability details
A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the file /goform/formSetPassword of the component Parameter Handler. This manipulation of the argument webpage causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A stack-based buffer overflow in the router's web form handler (/goform/formSetPassword) enables remote authenticated RCE from low-privilege access, mapping directly to public-facing web application exploitation and to privilege escalation via memory corruption.
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly validates the 'webpage' argument in the formSetPassword function to prevent stack-based buffer overflow exploitation.
- SI-16 (Memory Protection): Implements memory protections such as stack canaries, ASLR, and DEP to mitigate stack-based buffer overflows in the Parameter Handler.
- Flaw remediation: Requires timely remediation of the identified buffer overflow flaw through firmware patching or replacement to eliminate the vulnerability.
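The overflow pattern described under Deeper analysis and the SI-10 input-validation control listed above, as an added example that is not the Belkin F9K1122 firmware's own code: a hypothetical C handler for a form body's "webpage" argument showing the unbounded copy that produces CWE-121 beside a bounded, allowlisted parser that checks length before it writes. The function names (handle_webpage_unsafe, get_webpage_param, handle_webpage_safe), the buffer size WEBPAGE_MAX, the character allowlist and the sample form bodies are all constructed for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical handler for the "webpage" form argument. Illustrative code
 * written for this page, not the Belkin F9K1122 firmware's own source. */
#define WEBPAGE_MAX 64   /* assumed size of the stack buffer (constructed value) */

/* Vulnerable pattern (CWE-121): the argument length is never checked before it
 * is copied into a fixed-size stack buffer, so an oversized value overwrites
 * adjacent stack data. Shown for comparison only; it is never called here. */
void handle_webpage_unsafe(const char *webpage) {
    char page[WEBPAGE_MAX];
    strcpy(page, webpage);     /* no bound: copies until the NUL, wherever it is */
    (void)page;
}

/* Allowlist for a page name: letters, digits, '_', '-', '.' (constructed policy). */
static bool allowed_char(char c) {
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '_' || c == '-' || c == '.';
}

/* Hardened pattern (NIST SP 800-53 SI-10, input validation): locate the
 * "webpage=" parameter in a URL-encoded form body, check its length against
 * the destination before copying, and reject characters outside the allowlist.
 * Returns 0 and fills `out` on success; -1 if the parameter is missing,
 * empty, too long for `out`, or contains a disallowed character. */
int get_webpage_param(const char *body, char *out, size_t out_len) {
    if (body == NULL || out == NULL || out_len == 0)
        return -1;

    /* Find "webpage=" at a parameter boundary (start of body or after '&'). */
    const char *p = strstr(body, "webpage=");
    while (p != NULL && p != body && p[-1] != '&')
        p = strstr(p + 1, "webpage=");
    if (p == NULL)
        return -1;
    p += strlen("webpage=");

    /* The value ends at the next '&' or at the end of the body. */
    const char *end = strchr(p, '&');
    size_t n = end ? (size_t)(end - p) : strlen(p);

    /* Length check happens before any write into `out`; value plus NUL must fit. */
    if (n == 0 || n >= out_len)
        return -1;
    for (size_t i = 0; i < n; i++)
        if (!allowed_char(p[i]))
            return -1;

    memcpy(out, p, n);
    out[n] = '\0';
    return 0;
}

/* Hardened form of the handler: the same stack buffer, now only ever written
 * through the bounded parser. Returns 0 if the argument was accepted, -1 if not. */
int handle_webpage_safe(const char *body) {
    char page[WEBPAGE_MAX];
    return get_webpage_param(body, page, sizeof page);
}
```

The design point is that the length test compares the value's length with the destination's size and refuses oversized input rather than truncating it silently; SI-16 controls such as stack canaries and ASLR then act only as a second layer if a check like this is missing. The allowlist is a constructed policy and would need to match whatever a real handler legitimately accepts.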