Sign-up

ID

VAR-202503-2765


CVE

CVE-2025-2958


TITLE

TRENDnet  of  TEW-818DRU  Improper Shutdown and Release of Resources in Firmware Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2025-009966

DESCRIPTION

A vulnerability was found in TRENDnet TEW-818DRU 1.0.14.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. TRENDnet of TEW-818DRU A vulnerability exists in firmware related to improper shutdown and release of resources.Service operation interruption (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2025-2958 // JVNDB: JVNDB-2025-009966

AFFECTED PRODUCTS

vendor:trendnetmodel:tew-818druscope:eqversion:1.0.14.6

Trust: 1.0

vendor:trendnetmodel:tew-818druscope: - version: -

Trust: 0.8

vendor:trendnetmodel:tew-818druscope:eqversion:tew-818dru firmware 1.0.14.6

Trust: 0.8

vendor:trendnetmodel:tew-818druscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2025-009966 // NVD: CVE-2025-2958

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-2958
value: HIGH

Trust: 1.0

OTHER: JVNDB-2025-009966
value: MEDIUM

Trust: 0.8

cna@vuldb.com: CVE-2025-2958
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2025-009966
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

cna@vuldb.com: CVE-2025-2958
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-009966
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2025-009966 // NVD: CVE-2025-2958

PROBLEMTYPE DATA

problemtype:CWE-404

Trust: 1.0

problemtype:Improper shutdown and release of resources (CWE-404) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-009966 // NVD: CVE-2025-2958

EXTERNAL IDS

db:NVDid:CVE-2025-2958

Trust: 2.6

db:VULDBid:302011

Trust: 1.8

db:JVNDBid:JVNDB-2025-009966

Trust: 0.8

sources: JVNDB: JVNDB-2025-009966 // NVD: CVE-2025-2958

REFERENCES

url:https://docs.google.com/document/d/1dhusupeizmqfbje_0sjsjvcfsppefdak/edit#heading=h.gjdgxs

Trust: 1.8

url:https://drive.google.com/file/d/1sbz63uqg6qjyjpfcly5wbqwrh-nmrnzq/view?usp=drive_link

Trust: 1.8

url:https://vuldb.com/?id.302011

Trust: 1.8

url:https://vuldb.com/?submit.521723

Trust: 1.8

url:https://vuldb.com/?ctiid.302011

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2025-2958

Trust: 0.8

sources: JVNDB: JVNDB-2025-009966 // NVD: CVE-2025-2958

SOURCES

db:JVNDBid:JVNDB-2025-009966
db:NVDid:CVE-2025-2958

LAST UPDATE DATE

2025-07-28T23:15:46.789000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2025-009966date:2025-07-25T09:07:00
db:NVDid:CVE-2025-2958date:2025-07-18T15:50:48.113

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2025-009966date:2025-07-25T00:00:00
db:NVDid:CVE-2025-2958date:2025-03-30T20:15:14.490