{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-7093","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-07-05T15:24:55.517Z","datePublished":"2025-07-06T20:32:05.782Z","dateUpdated":"2025-07-07T15:57:38.459Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-07-06T20:32:05.782Z"},"title":"Belkin F9K1122 webs formSetLanguage stack-based overflow","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-121","lang":"en","description":"Stack-based Buffer Overflow"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-119","lang":"en","description":"Memory Corruption"}]}],"affected":[{"vendor":"Belkin","product":"F9K1122","versions":[{"version":"1.00.33","status":"affected"}],"modules":["webs"]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. Affected by this vulnerability is the function formSetLanguage of the file /goform/formSetLanguage of the component webs. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."},{"lang":"de","value":"In Belkin F9K1122 1.00.33 wurde eine kritische Schwachstelle ausgemacht. Betroffen ist die Funktion formSetLanguage der Datei /goform/formSetLanguage der Komponente webs. Dank der Manipulation des Arguments webpage mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":8.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P","baseSeverity":"HIGH"}},{"cvssV3_1":{"version":"3.1","baseScore":8.8,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R","baseSeverity":"HIGH"}},{"cvssV3_0":{"version":"3.0","baseScore":8.8,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R","baseSeverity":"HIGH"}},{"cvssV2_0":{"version":"2.0","baseScore":9,"vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2025-07-05T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-07-05T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-07-05T17:30:22.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"pjqwudi (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.315007","name":"VDB-315007 | Belkin F9K1122 webs formSetLanguage stack-based overflow","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.315007","name":"VDB-315007 | CTI Indicators (IOB, IOC, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.603710","name":"Submit #603710 | Belkin F9K1122 1.00.33 Stack-based Buffer Overflow","tags":["third-party-advisory"]},{"url":"https://github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_13/13.md","tags":["related"]},{"url":"https://github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_13/13.md#poc","tags":["exploit"]}]},"adp":[{"references":[{"url":"https://github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_13/13.md","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-07-07T15:57:34.065592Z","id":"CVE-2025-7093","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-07-07T15:57:38.459Z"}}]}}