CVE-2025-13406 | THREATINT

Description

NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43.

PUBLISHED Reserved 2025-11-19 | Published 2026-03-17 | Updated 2026-03-27 | Assigner Softing

MEDIUM: 6.8CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/RE:L/U:Red

Problem types

CWE-476 NULL Pointer Dereference

Product status

Default status

unaffected

1.43 (custom)

affected

1.43.1 (custom)

unaffected

References

industrial.softing.com/...downloads/2025/CVE-2025-13406.html

industrial.softing.com/...downloads/2025/CVE-2025-13406.json

cve.org (CVE-2025-13406)

nvd.nist.gov (CVE-2025-13406)

Download JSON