Cyber Resilience

CVE-2026-5608

HighPublic PoC

Published: 06 April 2026

Published
06 April 2026
Modified
30 April 2026
KEV Added
Patch
CVSS Score v4 7.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0073 49.3th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-5608 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Belkin F9K1122 Firmware. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 49.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2026-5608 is a stack-based buffer overflow vulnerability affecting the Belkin F9K1122 router on firmware version 1.00.33. The flaw exists in the formWlanSetup function of the /goform/formWlanSetup file, triggered by manipulation of the "webpage" argument. It is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow), with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

The vulnerability enables remote exploitation by an attacker possessing low privileges, such as an authenticated user on the device. Successful exploitation can result in high impacts to confidentiality, integrity, and availability, potentially allowing arbitrary code execution and full device compromise. A public exploit is available for use.

Advisories and details are documented in references including VulDB entries and a GitHub repository. The vendor was contacted early regarding disclosure but has not responded or provided patches or mitigations.

EU & UK References

Vulnerability details

A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public…

more

and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Stack-based buffer overflow in router web interface form handler enables remote authenticated RCE and full device compromise, directly mapping to exploitation of public-facing application and exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-5043Same product: Belkin F9K1122
CVE-2026-5044Same product: Belkin F9K1122
CVE-2026-5042Same product: Belkin F9K1122
CVE-2026-5612Same vendor: Belkin
CVE-2026-5613Same vendor: Belkin
CVE-2026-5629Same vendor: Belkin
CVE-2026-5628Same vendor: Belkin
CVE-2026-5614Same vendor: Belkin
CVE-2026-5611Same vendor: Belkin
CVE-2026-5610Same vendor: Belkin

Affected Assets

belkin
f9k1122 firmware
1.00.33

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prevents stack-based buffer overflow by validating and sanitizing the 'webpage' argument in the formWlanSetup function.

preventdetect

Implements memory protections such as stack canaries and ASLR to block or detect exploitation of the stack-based buffer overflow.

prevent

Requires timely patching or firmware updates to remediate the specific buffer overflow vulnerability in Belkin F9K1122 firmware 1.00.33.

References