Back to overview

CVE-2025-8730

CRITICAL Exploitation: PoC
9.8
CVSS 3.1
Description
A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Metadata

CVE ID
CVE-2025-8730
State
PUBLISHED
Assigner
VulDB
Reserved
2025-08-08 07:40 UTC
Published
2025-08-08 14:32 UTC
Last updated
2025-08-08 14:51 UTC
Primary CWE
CWE-798
Hard-coded Credentials
Vendor / Product
Belkin / F9K1009
Sources
cve.org  ·  NVD

Severity & Metrics

9.8 CRITICAL CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
SSVC — CISA Coordinator
Exploitation
PoC
Automatable
yes
Tech. Impact
total
Affected products (2)
VendorProductPlatformVersions
Belkin F9K1009 2.00.04, 2.00.09
Belkin F9K1010 2.00.04, 2.00.09
Weakness (CWE)
CWESourceDescription
CWE-259 cna Use of Hard-coded Password
CWE-798 cna Hard-coded Credentials
CVSS scores (4)
ScoreSeverityVersionSourceVector
10.0 N/D 2.0 cna AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR
9.8 CRITICAL 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
9.8 CRITICAL 3.0 cna CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
9.3 CRITICAL 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
References (7)
Back to overview