CVE-2025-7083

Name of the Vulnerable Software and Affected Versions: Belkin F9K1122 version 1.00.33

Description: A critical issue has been found in the Belkin F9K1122, affecting the function mp of the file /goform/mp of the component webs. The manipulation of the argument command leads to os command injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Recommendations: For Belkin F9K1122 version 1.00.33, as a temporary workaround, consider disabling the mp function of the /goform/mp file until a patch is available. Restrict access to the webs component to minimize the risk of exploitation. Avoid using the command argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.