Platform: linux
Component: belkin-f9k1015
CVE-2026-5613 describes a stack-based buffer overflow vulnerability affecting the Belkin F9K1015 device running firmware version 1.00.10. This flaw allows a remote attacker to trigger an overflow by manipulating the 'webpage' argument within the /goform/formReboot function. The availability of a public exploit significantly increases the risk of exploitation, and the vendor has not responded to early disclosure attempts.
Successful exploitation of CVE-2026-5613 could lead to a denial-of-service (DoS) condition, potentially disrupting network connectivity and device functionality. A skilled attacker might be able to leverage the buffer overflow to execute arbitrary code on the device, gaining control of the F9K1015 and potentially accessing sensitive data or using it as a pivot point to compromise other systems on the network. The public availability of an exploit means that attackers with varying skill levels can potentially exploit this vulnerability, expanding the attack surface.
CVE-2026-5613 is publicly exploitable, which significantly elevates the risk. The vulnerability was disclosed on 2026-04-06, and a public proof-of-concept (PoC) is available, indicating a high probability of exploitation. The lack of response from the vendor further exacerbates the situation, leaving users with limited options for immediate protection. No KEV listing is currently available.
EPSS: 0.05% (14th percentile)
The primary mitigation for CVE-2026-5613 is to upgrade the Belkin F9K1015 firmware to a patched version. As the vendor has not released a fix, consider isolating the device from external networks to limit potential attack vectors. Implementing strict firewall rules to restrict access to the /goform/formReboot endpoint can also reduce the attack surface. Monitor network traffic for suspicious activity targeting the device, particularly requests containing unusual or excessively long 'webpage' parameters. After applying any mitigation steps, verify functionality by attempting a standard reboot and confirming that the device operates as expected.
Update the firmware of the Belkin F9K1015 device to a version corrected by the manufacturer. Since the vendor has not responded, it is recommended to contact Belkin technical support or search for updates on their official website. Until an update is published, it is recommended to isolate the device from the network to mitigate the risk of remote exploitation.
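The monitoring advice above (watch for unusual or excessively long 'webpage' parameters sent to /goform/formReboot) can be turned into a simple check over captured HTTP requests. This is an added example, not code from the advisory or the vendor; the 64-byte threshold, the `formOther` path, the `reboot.htm` value and the sample requests are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

ENDPOINT = "/goform/formReboot"  # endpoint named in the advisory
PARAM = "webpage"                # argument named in the advisory
MAX_LEN = 64                     # assumed threshold; the advisory gives no buffer size

def inspect_request(raw: bytes):
    """Return a finding for a suspicious PARAM sent to ENDPOINT, else None."""
    head, _, body = raw.partition(b"\r\n\r\n")
    try:
        method, target, _ = head.split(b"\r\n")[0].decode("latin-1").split(" ", 2)
    except ValueError:
        return None  # not a parseable request line
    url = urlsplit(target)
    if url.path != ENDPOINT:
        return None
    # latin-1 maps one byte to one character, so len(value) is a byte count.
    pairs = parse_qsl(url.query, keep_blank_values=True, encoding="latin-1")
    pairs += parse_qsl(body.decode("latin-1"), keep_blank_values=True, encoding="latin-1")
    for name, value in pairs:
        if name != PARAM:
            continue
        reasons = []
        if len(value) > MAX_LEN:
            reasons.append("length")
        if any(not 0x20 <= ord(c) < 0x7F for c in value):
            reasons.append("non-printable")
        if reasons:
            return {"method": method, "length": len(value), "reasons": reasons}
    return None

def scan(requests):
    """Return (index, finding) for every flagged request in a capture."""
    return [(i, f) for i, r in enumerate(requests) if (f := inspect_request(r))]

# Constructed sample capture, not traffic from a real device.
SAMPLES = [
    b"POST /goform/formReboot HTTP/1.1\r\nHost: 192.0.2.1\r\n\r\nwebpage=reboot.htm",
    b"POST /goform/formReboot HTTP/1.1\r\nHost: 192.0.2.1\r\n\r\nwebpage=" + b"A" * 300,
    b"POST /goform/formOther HTTP/1.1\r\nHost: 192.0.2.1\r\n\r\nwebpage=" + b"A" * 300,
    b"GET /goform/formReboot?webpage=%00%ff HTTP/1.1\r\nHost: 192.0.2.1\r\n\r\n",
]

if __name__ == "__main__":
    for index, finding in scan(SAMPLES):
        print(index, finding)
```

Tune `MAX_LEN` against the values the device's own web interface sends, so legitimate reboots are not flagged.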
CVE-2026-5613 is a HIGH severity buffer overflow vulnerability in the Belkin F9K1015 device, version 1.00.10, allowing remote attackers to potentially execute code.
If you are using a Belkin F9K1015 device running firmware version 1.00.10, you are potentially affected by this vulnerability.
The recommended fix is to upgrade to a patched firmware version. As no patch is currently available, isolate the device and restrict access to the vulnerable endpoint.
Yes, a public exploit is available, indicating a high probability of active exploitation.
Unfortunately, Belkin has not released an official advisory for this vulnerability at this time.