This page lists publicly disclosed CVE vulnerabilities affecting softing smartlink_sw-ht (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-13406 | NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43. | 10de8ef9-5c89-4b17-8228-e97b74acf4bd | 6.8 | 0.32% | 2026-03-17 | 2026-06-17 |
| CVE-2025-10685 | Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT (Webserver modules) allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42 | 10de8ef9-5c89-4b17-8228-e97b74acf4bd | 7.7 | 0.49% | 2026-03-16 | 2026-06-17 |
| CVE-2025-10461 | Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker (filesystem modules) allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03. | 10de8ef9-5c89-4b17-8228-e97b74acf4bd | 5.3 | 0.37% | 2026-03-16 | 2026-06-17 |
| CVE-2022-48193 | Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). | [email protected] | 5.9 | 0.27% | 2023-11-06 | 2026-06-17 |
| CVE-2022-48192 | Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application. | [email protected] | 7.2 | 0.38% | 2023-11-06 | 2026-06-17 |