Vulnerabilities > CVE-2021-28841 - NULL Pointer Dereference vulnerability in Trendnet products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

trendnet

CWE-476

NVD

Published: 2021-08-10

Updated: 2021-08-16

Summary

Null Pointer Dereference vulnerability in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending a POST request to apply_cgi via an action ping_test without a ping_ipaddr key.

Vulnerable Configurations

Part	Description	Count
OS	Trendnet Trendnet TEW 755Ap Firmware 1.11B03 Trendnet TEW 755Ap2Kac Firmware 1.11B03 Trendnet TEW 821Dap2Kac Firmware 1.11B03 Trendnet TEW 825Dap Firmware 1.11B03	4
Hardware	Trendnet Trendnet TEW 755Ap - Trendnet TEW 755Ap2Kac - Trendnet TEW 821Dap2Kac - Trendnet TEW 825Dap -	4

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://github.com/zyw-200/EQUAFL/blob/main/TRENDnet%20ticket.pdf