Vulnerabilities > CVE-2021-33317 - NULL Pointer Dereference vulnerability in Trendnet products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 9 | |
Hardware | 9 |