CVE-2021-33317
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference.
El switch TRENDnet TI-PG1284i (hw versión v2.0R) versiones anteriores a 2.0.2.S0, sufre una vulnerabilidad de desreferencia de puntero null. Esta vulnerabilidad se presenta en su componente relacionado con lldp. Debido a que no es comprobado si el TLV ChassisID está contenido en el paquete, mediante el envío de un paquete lldp diseñado al dispositivo, un atacante puede bloquear el proceso debido a la desreferencia de puntero nulo
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-05-20 CVE Reserved
- 2022-05-11 CVE Published
- 2023-12-02 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.trendnet.com/support/view.asp?cat=4&id=81 | 2022-05-20 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Trendnet Search vendor "Trendnet" | Ti-pg1284i Firmware Search vendor "Trendnet" for product "Ti-pg1284i Firmware" | < 2.0.2.s0 Search vendor "Trendnet" for product "Ti-pg1284i Firmware" and version " < 2.0.2.s0" | - |
Affected
| in | Trendnet Search vendor "Trendnet" | Ti-pg1284i Search vendor "Trendnet" for product "Ti-pg1284i" | 2.0r Search vendor "Trendnet" for product "Ti-pg1284i" and version "2.0r" | - |
Safe
|
| Trendnet Search vendor "Trendnet" | Ti-g102i Firmware Search vendor "Trendnet" for product "Ti-g102i Firmware" | - | - |
Affected
| in | Trendnet Search vendor "Trendnet" | Ti-g102i Search vendor "Trendnet" for product "Ti-g102i" | - | - |
Safe
|
| Trendnet Search vendor "Trendnet" | Ti-g160i Firmware Search vendor "Trendnet" for product "Ti-g160i Firmware" | - | - |
Affected
| in | Trendnet Search vendor "Trendnet" | Ti-g160i Search vendor "Trendnet" for product "Ti-g160i" | - | - |
Safe
|
| Trendnet Search vendor "Trendnet" | Ti-g642i Firmware Search vendor "Trendnet" for product "Ti-g642i Firmware" | - | - |
Affected
| in | Trendnet Search vendor "Trendnet" | Ti-g642i Search vendor "Trendnet" for product "Ti-g642i" | - | - |
Safe
|
| Trendnet Search vendor "Trendnet" | Ti-pg102i Firmware Search vendor "Trendnet" for product "Ti-pg102i Firmware" | - | - |
Affected
| in | Trendnet Search vendor "Trendnet" | Ti-pg102i Search vendor "Trendnet" for product "Ti-pg102i" | - | - |
Safe
|
| Trendnet Search vendor "Trendnet" | Ti-pg541i Firmware Search vendor "Trendnet" for product "Ti-pg541i Firmware" | - | - |
Affected
| in | Trendnet Search vendor "Trendnet" | Ti-pg541i Search vendor "Trendnet" for product "Ti-pg541i" | - | - |
Safe
|
| Trendnet Search vendor "Trendnet" | Ti-rp262i Firmware Search vendor "Trendnet" for product "Ti-rp262i Firmware" | - | - |
Affected
| in | Trendnet Search vendor "Trendnet" | Ti-rp262i Search vendor "Trendnet" for product "Ti-rp262i" | - | - |
Safe
|
| Trendnet Search vendor "Trendnet" | Teg-30102ws Firmware Search vendor "Trendnet" for product "Teg-30102ws Firmware" | - | - |
Affected
| in | Trendnet Search vendor "Trendnet" | Teg-30102ws Search vendor "Trendnet" for product "Teg-30102ws" | - | - |
Safe
|
| Trendnet Search vendor "Trendnet" | Tpe-30102ws Firmware Search vendor "Trendnet" for product "Tpe-30102ws Firmware" | - | - |
Affected
| in | Trendnet Search vendor "Trendnet" | Tpe-30102ws Search vendor "Trendnet" for product "Tpe-30102ws" | - | - |
Safe
|