CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2956 – TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereference
https://notcve.org/view.php?id=CVE-2025-2956
30 Mar 2025 — A vulnerability was found in TRENDnet TI-G102i 1.0.7.S0_ /1.0.8.S0_ and classified as problematic. This issue affects the function plugins_call_handle_uri_raw of the file /usr/sbin/lighttpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. • https://docs.google.com/document/d/16iWGXHpmlwJ0GAOi458YlpR56McCvDcN/edit#heading=h.gjdgxs • CWE-404: Improper Resource Shutdown or Release CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2021-33317
https://notcve.org/view.php?id=CVE-2021-33317
11 May 2022 — The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference. El switch TRENDnet TI-PG1284i (hw versión v2.0R) versiones anteriores a 2.0.2.S0, sufre una vulnerabilidad de desreferencia de puntero null. Esta vulner... • https://www.trendnet.com/support/view.asp?cat=4&id=81 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-33315
https://notcve.org/view.php?id=CVE-2021-33315
11 May 2022 — The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of PortID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. El switch TRENDnet TI-PG1284i (hw versión v2.0R) versiones anteriores a 2.0.2.S0,... • https://www.trendnet.com/support/view.asp?cat=4&id=81 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-33316
https://notcve.org/view.php?id=CVE-2021-33316
11 May 2022 — The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of ChassisID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. El switch TRENDnet TI-PG1284i (hw versión v2.0R) versiones anteriores a 2.0.2.... • https://www.trendnet.com/support/view.asp?cat=4&id=81 • CWE-20: Improper Input Validation •