Belkin F9K1015 formSetWanStatic command injection_CVE-2025-11298

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in Belkin F9K1015 1.00.10. Impacted is an unknown function of the file /goform/formSetWanStatic. Executing manipulation of the argument m_wan_ipaddr can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-11298

Source VulDB

Published Oct 5, 2025 at 18:02

Affected Product

Vendor Belkin

Product F9K1015

Version 1.00.10

Affected Versions Belkin F9K1015 1.00.10

CWE Classification

CWE-77 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in Belkin F9K1015 1.00.10. Impacted is an unknown function of the file /goform/formSetWanStatic. Executing manipulation of the argument m_wan_ipaddr can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-10-05T18:02:05.803Z",
    "modified": "2025-10-05T18:02:05.803Z",
    "type": "cve",
    "title": "Belkin F9K1015 formSetWanStatic command injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.327179\nhttps://vuldb.com/?ctiid.327179\nhttps://vuldb.com/?submit.661302\nhttps://github.com/panda666-888/vuls/blob/main/belkin/f9k1015/formSetWanStatic.md\nhttps://github.com/panda666-888/vuls/blob/main/belkin/f9k1015/formSetWanStatic.md#poc",
    "id": "CVE-2025-11298",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "Belkin F9K1015 1.00.10",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "F9K1015",
    "version": "1.00.10",
    "vendor": "Belkin",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}