CVE-2026-5043

Name of the Vulnerable Software and Affected Versions Belkin F9K1122 version 1.00.33

Description A weakness exists in Belkin F9K1122. The issue involves the formSetPassword function within the Parameter Handler component, specifically in the file /goform/formSetPassword. Manipulation of the webpage argument can trigger a stack-based buffer overflow. Remote exploitation is possible, and an exploit has been publicly released. The vendor was notified but did not respond.

Recommendations Disable or restrict access to the /goform/formSetPassword file and the formSetPassword function as a temporary workaround until a patch is available.