CVE-2025-8730

CRITICAL

Belkin F9K1009/F9K1010 <2.00.04/2.09 - Hard-coded Credentials

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-8730. PoCs published by Byte Reaper, byteReaper77.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in Belkin F9K1009 and F9K1010 routers by leveraging hardcoded credentials. It uses cURL to send POST requests with predefined credentials to bypass authentication and gain unauthorized access.

Description

A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (2)

exploitdb WORKING POC
by Byte Reaper · cremotemultiple
https://www.exploit-db.com/exploits/52407

This exploit demonstrates an authentication bypass vulnerability in Belkin F9K1009 and F9K1010 routers by leveraging hardcoded credentials. It uses cURL to send POST requests with predefined credentials to bypass authentication and gain unauthorized access.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Belkin F9K1009 and F9K1010 routers (firmware versions 2.00.04/2.00.09)
No auth needed
Prerequisites: Network access to the target router · Router web interface exposed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 2 stars
by byteReaper77 · poc
https://github.com/byteReaper77/CVE-2025-8730

The repository contains a functional exploit for CVE-2025-8730, an authentication bypass vulnerability in Belkin F9K1009/F9K1010 routers. The exploit leverages improper session validation in the /login.htm endpoint to bypass authentication and gain administrative access.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Belkin F9K1009/F9K1010 routers
No auth needed
Prerequisites: Network access to the target router · Curl library for HTTP requests
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (7)

Core 7
Core References
Permissions Required, VDB Entry vdb-entry
https://vuldb.com/?id.319226
Permissions Required, VDB Entry signature permissions-required
https://vuldb.com/?ctiid.319226
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.621747
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.621748
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.621760

Scores

CVSS v3 9.8
EPSS 0.4511
EPSS Percentile 97.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-259 CWE-798
Status published
Products (4)
Belkin/F9K1009 2.00.04
Belkin/F9K1009 2.00.09
Belkin/F9K1010 2.00.04
Belkin/F9K1010 2.00.09
Published Aug 08, 2025
Tracked Since Feb 18, 2026