Home
HIGH: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HDefault status
unaffected
0.0.0 (semver) before 3.6.32
affected
Default status
unaffected
0.0.0 (semver) before 3.6.32
affected
Default status
unaffected
0.0.0 (semver) before 3.5.36
affected
Default status
unaffected
0.0.0 (semver) before 3.5.36
affected
Default status
unaffected
0.0.0 (semver) before 3.5.36
affected
Default status
unaffected
0.0.0 (semver) before 3.5.36
affected
Default status
unaffected
0.0.0 (semver) before 3.5.36
affected
Default status
unaffected
0.0.0 (semver) before 3.3.34
affected
Default status
unaffected
0.0.0 (semver) before 3.3.34
affected
Default status
unaffected
0.0.0 (semver) before 3.4.32
affected
Default status
unaffected
0.0.0 (semver) before 3.4.32
affected
Default status
unaffected
0.0.0 (semver) before 3.4.40
affected
Default status
unaffected
0.0.0 (semver) before 3.4.40
affected
Description
An unauthenticated remote attacker can exploit a denial-of-service vulnerability in the device's web server functionality by sending a specially crafted HTTP request with a malicious header, potentially causing the server to crash or become unresponsive.
Problem types
CWE-410 Insufficient Resource Pool
Product status
0.0.0 (semver) before 3.6.32
0.0.0 (semver) before 3.6.32
0.0.0 (semver) before 3.5.36
0.0.0 (semver) before 3.5.36
0.0.0 (semver) before 3.5.36
0.0.0 (semver) before 3.5.36
0.0.0 (semver) before 3.5.36
0.0.0 (semver) before 3.3.34
0.0.0 (semver) before 3.3.34
0.0.0 (semver) before 3.4.32
0.0.0 (semver) before 3.4.32
0.0.0 (semver) before 3.4.40
0.0.0 (semver) before 3.4.40
References
certvde.com/en/advisories/VDE-2025-044/