Exploit demonstrating an authentication bypass vulnerability in the web interface of Belkin F9K1009 and F9K1010 routers.

## CVE-2025-8730 – Authentication Bypass in Belkin F9K1009/F9K1010
**Author: Byte Reaper**
## Description :
This repository contains an exploit for CVE-2025-8730, a critical authentication bypass vulnerability affecting the web interface of Belkin F9K1009 and F9K1010 routers.
The flaw lies in the session validation logic of the `/login.htm` file, where improperly handled cookies or crafted requests allow attackers to bypass login checks and gain full access to the administrative interface without valid credentials.

This vulnerability enables remote attackers (with network access) to:
- Access sensitive configuration data
- Modify router settings
- Deploy further payloads for persistence or lateral movement
## References :
NVD Entry: https://nvd.nist.gov/vuln/detail/CVE-2025-8730
## Usage :
```
# Build
gcc exploit.c argparse.c -o CVE-2025-8730 -lcurl

# Basic run against a router IP
./CVE-2025-8730 -i 192.168.1.1

# Verbose mode, with a cookie file
./CVE-2025-8730 -i 192.168.1.1 -v -c [cookie file]

# Full URL
./CVE-2025-8730 -f http://<IP>/<LOGIN_FILE>

# Sleep between requests (seconds)
./CVE-2025-8730 -i 192.168.1.1 -s 1

# Number of requests (loop); example: 10 POST requests
./CVE-2025-8730 -i 192.168.1.1 -k 10 -s 1 -v
```
## License :
MIT License
```
[4.0K] /data/pocs/48680c04ae56c077b6d3e43aaa5f6d8aa3024566
├── [ 14K] exploit.c
├── [1.0K] LICENSE
└── [1.2K] README.md
0 directories, 3 files
```