Primary

Context

TRENDnet TEW-637AP and TEW-638APB HTTP Request Handler Null Pointer Dereference Vulnerability

Vulnerability

A null pointer dereference vulnerability has been identified in the TRENDnet TEW-637AP and TEW-638APB access point models, specifically in firmware versions 1.2.7 and 1.3.0.106. The issue arises in the HTTP request handler component, within the function sub_41DED0, where improper handling of requests can lead to a denial-of-service condition. This vulnerability requires access to the local network to exploit.

Impact

Exploitation of this vulnerability causes a denial-of-service condition by leading to a null pointer dereference, which can cause the device to crash or become unresponsive.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TRENDnet TEW-637AP and TEW-638APB HTTP Request Handler Null Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

TRENDnet TEW-637AP

TRENDnet TEW-638APB

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating