CVE-2009-20009

Severity CVSS v4.0:
CRITICAL
Type:
CWE-121 Stack-based Buffer Overflow
Publication date:
30/08/2025
Last modified:
02/09/2025

Description

Belkin Bulldog Plus version 4.0.2 build 1219 contains a stack-based buffer overflow vulnerability in its web service authentication handler. When a specially crafted HTTP request is sent with an oversized Authorization header, the application fails to properly validate the input length before copying it into a fixed-size buffer, resulting in memory corruption and potential remote code execution. Exploitation requires network access and does not require prior authentication.