CVE-2026-5628
Published: 06 April 2026
Summary
CVE-2026-5628 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Belkin F9K1015 Firmware. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 28.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly prevents stack-based buffer overflows by validating the 'webpage' argument in the formSetSystemSettings function against bounds and expected formats.
Implements memory safeguards like stack canaries, ASLR, and non-executable stacks to block exploitation of the stack-based buffer overflow even if invalid input reaches the handler.
Requires timely flaw remediation through firmware updates to eliminate the buffer overflow vulnerability in the Belkin F9K1015 router's Setting Handler.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The remote stack-based buffer overflow in the public-facing web interface (formSetSystemSettings) of the router allows low-privileged attackers to achieve arbitrary code execution with high impact on C/I/A, directly enabling exploitation of public-facing applications (T1190) and exploitation for privilege escalation (T1068).
NVD Description
A security vulnerability has been detected in Belkin F9K1015 1.00.10. Impacted is the function formSetSystemSettings of the file /goform/formSetSystemSettings of the component Setting Handler. The manipulation of the argument webpage leads to stack-based buffer overflow. Remote exploitation of the attack…
more
is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Deeper analysisAI
CVE-2026-5628 is a stack-based buffer overflow vulnerability affecting the Belkin F9K1015 router running firmware version 1.00.10. The flaw resides in the formSetSystemSettings function of the /goform/formSetSystemSettings file within the Setting Handler component, triggered by manipulation of the "webpage" argument. Published on 2026-04-06, it is associated with CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow), earning a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Remote attackers with low privileges can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation enables high-impact compromise of confidentiality, integrity, and availability, likely allowing arbitrary code execution on the affected device.
Advisories from VulDB and related references, including a GitHub repository, confirm public disclosure of the exploit, which may be actively used. The vendor was notified early but provided no response, and no patches or mitigations are mentioned in available sources. Security practitioners should isolate affected devices and monitor for anomalous activity until firmware updates are released.
Details
- CWE(s)