CVE-2025-2957

Published Mar 30, 2025

Last updated 4 days ago

CVSS high 7.1

Overview

Description
A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub_401DB0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Source
cna@vuldb.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
7.1
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

CVSS 3.1

Type
Primary
Base score
6.5
Impact score
3.6
Exploitability score
2.8
Vector string
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity
MEDIUM

CVSS 2.0

Type
Secondary
Base score
6.1
Impact score
6.9
Exploitability score
6.5
Vector string
AV:A/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

cna@vuldb.com
CWE-404

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-2957 🔴 HIGH (7.1) 🏢 TRENDnet - TEW-411BRP+ 🏗️ 2.07 🔗 https://t.co/nXd2tAAeVl 🔗 https://t.co/dSN9zOd8TG 🔗 https://t.co/zCtKmEF1tX 🔗 https://t.co/wbfj19rXOm 🔗 https://t.co/lVAVcvsvhi #CyberCron #VulnAlert #InfoSec https://t.co/EDqZ0K4htP

    @cybercronai

    1 Apr 2025

    19 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-2957 03/30/2025 07:15:14 PM BaseSeverity: HIGH A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub_401DB0... https://t.co/NYHJTTUmiN

    @CVETracker

    30 Mar 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-2957 TRENDnet TEW-411BRP+ Null Pointer Dereference in HTTP Request Hand... https://t.co/uLxhe1ZxjX Customizable Vulnerability Alerts: https://t.co/U7998fz7yk

    @VulmonFeeds

    30 Mar 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-2957 A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub_401DB0 of the file /usr/sbin/httpd of the co… https://t.co/ygdFKgLftZ

    @CVEnew

    30 Mar 2025

    605 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References