Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
4DescriptionCVE.org
Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS. This issue affects: smartLink HW-DP: through 1.31 smartLink HW-PN: before 1.02.
AnalysisAI
Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS. This issue affects: smartLink HW-DP: through 1.31 smartLink HW-PN: before 1.02. Affected products include: Softing Smartlink Hw-Dp, Softing Smartlink Hw-Pn. Version information: through 1.31.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.
More in Smartlink Hw Dp
View allAn issue was discovered in Softing Industrial Automation uaToolkit Embedded before 1.40. Rated high severity (CVSS 7.5),
Stack-based buffer overflow vulnerability in Softing Industrial Automation GmbH gateways allows overflow buffers. Rated
Same weakness CWE-416 – Use After Free
View allSame technique Memory Corruption
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2024-55506
GHSA-6wvc-gg7r-g28h