CVE-2025-13406
Received
Received - Intake
NULL Pointer Dereference in Softing smartLink SW-HT Causes HTTP DoS
Vulnerability report for CVE-2025-13406, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-03-17
Last updated on: 2026-03-27
Assigner: Softing
Description
Description
NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| softing_industrial_automation_gmbh | smartlink_sw_ht | 1.43 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |