Search criteria
5 vulnerabilities found for TI-G102i by TRENDnet
CVE-2025-2956 (GCVE-0-2025-2956)
Vulnerability from cvelistv5 – Published: 2025-03-30 18:00 – Updated: 2025-03-31 14:01
VLAI?
Title
TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereference
Summary
A vulnerability was found in TRENDnet TI-G102i 1.0.7.S0_ /1.0.8.S0_ and classified as problematic. This issue affects the function plugins_call_handle_uri_raw of the file /usr/sbin/lighttpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
6.5 (Medium)
6.5 (Medium)
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Credits
zhongwei gu (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2956",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-31T14:01:11.074713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-31T14:01:26.813Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP Request Handler"
],
"product": "TI-G102i",
"vendor": "TRENDnet",
"versions": [
{
"status": "affected",
"version": "1.0.7.S0_"
},
{
"status": "affected",
"version": "1.0.8.S0_"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zhongwei gu (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in TRENDnet TI-G102i 1.0.7.S0_ /1.0.8.S0_ and classified as problematic. This issue affects the function plugins_call_handle_uri_raw of the file /usr/sbin/lighttpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine problematische Schwachstelle wurde in TRENDnet TI-G102i 1.0.7.S0_ /1.0.8.S0_ gefunden. Hierbei geht es um die Funktion plugins_call_handle_uri_raw der Datei /usr/sbin/lighttpd der Komponente HTTP Request Handler. Durch Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff im lokalen Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.1,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-30T18:00:09.819Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-302009 | TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereference",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.302009"
},
{
"name": "VDB-302009 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.302009"
},
{
"name": "Submit #521717 | TRENDnet Router FW_TI_G102i_v1_1.0.8.S0_/FW_TI_G642i_v1_1.0.7.S0_ NULL Pointer Dereference",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.521717"
},
{
"tags": [
"related"
],
"url": "https://docs.google.com/document/d/16iWGXHpmlwJ0GAOi458YlpR56McCvDcN/edit#heading=h.gjdgxs"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1irEQCJRvcJbh1PdPbk0PRwJB8-fc5mYR/view?usp=sharing"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-29T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-29T20:56:53.000Z",
"value": "VulDB entry last update"
}
],
"title": "TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-2956",
"datePublished": "2025-03-30T18:00:09.819Z",
"dateReserved": "2025-03-29T19:51:40.266Z",
"dateUpdated": "2025-03-31T14:01:26.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2956 (GCVE-0-2025-2956)
Vulnerability from nvd – Published: 2025-03-30 18:00 – Updated: 2025-03-31 14:01
VLAI?
Title
TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereference
Summary
A vulnerability was found in TRENDnet TI-G102i 1.0.7.S0_ /1.0.8.S0_ and classified as problematic. This issue affects the function plugins_call_handle_uri_raw of the file /usr/sbin/lighttpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
6.5 (Medium)
6.5 (Medium)
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Credits
zhongwei gu (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2956",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-31T14:01:11.074713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-31T14:01:26.813Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP Request Handler"
],
"product": "TI-G102i",
"vendor": "TRENDnet",
"versions": [
{
"status": "affected",
"version": "1.0.7.S0_"
},
{
"status": "affected",
"version": "1.0.8.S0_"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zhongwei gu (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in TRENDnet TI-G102i 1.0.7.S0_ /1.0.8.S0_ and classified as problematic. This issue affects the function plugins_call_handle_uri_raw of the file /usr/sbin/lighttpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine problematische Schwachstelle wurde in TRENDnet TI-G102i 1.0.7.S0_ /1.0.8.S0_ gefunden. Hierbei geht es um die Funktion plugins_call_handle_uri_raw der Datei /usr/sbin/lighttpd der Komponente HTTP Request Handler. Durch Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff im lokalen Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.1,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-30T18:00:09.819Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-302009 | TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereference",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.302009"
},
{
"name": "VDB-302009 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.302009"
},
{
"name": "Submit #521717 | TRENDnet Router FW_TI_G102i_v1_1.0.8.S0_/FW_TI_G642i_v1_1.0.7.S0_ NULL Pointer Dereference",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.521717"
},
{
"tags": [
"related"
],
"url": "https://docs.google.com/document/d/16iWGXHpmlwJ0GAOi458YlpR56McCvDcN/edit#heading=h.gjdgxs"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1irEQCJRvcJbh1PdPbk0PRwJB8-fc5mYR/view?usp=sharing"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-29T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-29T20:56:53.000Z",
"value": "VulDB entry last update"
}
],
"title": "TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-2956",
"datePublished": "2025-03-30T18:00:09.819Z",
"dateReserved": "2025-03-29T19:51:40.266Z",
"dateUpdated": "2025-03-31T14:01:26.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-202205-0897
Vulnerability from variot - Updated: 2023-12-18 13:59The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of ChassisID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. ti-pg1284i firmware, ti-g102i firmware, ti-g160i firmware etc. TRENDnet The product contains an input validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TRENDnet TI-PG Series is a series of switches from American Trend Network (TRENDnet) company.
TRENDnet TI-PG1284i versions prior to 2.0.2.S0 have security vulnerabilities, and no detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-0897",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ti-pg1284i",
"scope": "lt",
"trust": 1.0,
"vendor": "trendnet",
"version": "2.0.2.s0"
},
{
"model": "ti-pg541i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "tpe-30102ws",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-rp262i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg102i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g642i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g160i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g102i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "teg-30102ws",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg102i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g160i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg1284i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg541i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "tpe-30102ws",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "teg-30102ws",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g102i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g642i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-rp262i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg1284i \u003c2.0.2.s0",
"scope": null,
"trust": 0.6,
"vendor": "trendnet",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40314"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019613"
},
{
"db": "NVD",
"id": "CVE-2021-33316"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-pg1284i_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.2.s0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-pg1284i:2.0r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-g102i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-g102i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-g160i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-g160i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-g642i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-g642i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-pg102i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-pg102i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-pg541i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-pg541i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-rp262i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-rp262i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:teg-30102ws_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:teg-30102ws:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:tpe-30102ws_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:tpe-30102ws:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33316"
}
]
},
"cve": "CVE-2021-33316",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-33316",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-40314",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-33316",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-33316",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2022-40314",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-3023",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2021-33316",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40314"
},
{
"db": "VULMON",
"id": "CVE-2021-33316"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019613"
},
{
"db": "NVD",
"id": "CVE-2021-33316"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3023"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of ChassisID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. ti-pg1284i firmware, ti-g102i firmware, ti-g160i firmware etc. TRENDnet The product contains an input validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TRENDnet TI-PG Series is a series of switches from American Trend Network (TRENDnet) company. \n\r\n\r\nTRENDnet TI-PG1284i versions prior to 2.0.2.S0 have security vulnerabilities, and no detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33316"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019613"
},
{
"db": "CNVD",
"id": "CNVD-2022-40314"
},
{
"db": "VULMON",
"id": "CVE-2021-33316"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-33316",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019613",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-40314",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3023",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-33316",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40314"
},
{
"db": "VULMON",
"id": "CVE-2021-33316"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019613"
},
{
"db": "NVD",
"id": "CVE-2021-33316"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3023"
}
]
},
"id": "VAR-202205-0897",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40314"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40314"
}
]
},
"last_update_date": "2023-12-18T13:59:42.994000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for TRENDnet TI-PG1284i Integer Underflow Vulnerability (CNVD-2022-40314)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/333691"
},
{
"title": "TRENDnet TI-PG Series Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=199825"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40314"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3023"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Inappropriate input confirmation (CWE-20) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019613"
},
{
"db": "NVD",
"id": "CVE-2021-33316"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trendnet.com/support/view.asp?cat=4\u0026id=81"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33316"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-33316/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/191.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40314"
},
{
"db": "VULMON",
"id": "CVE-2021-33316"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019613"
},
{
"db": "NVD",
"id": "CVE-2021-33316"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3023"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-40314"
},
{
"db": "VULMON",
"id": "CVE-2021-33316"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019613"
},
{
"db": "NVD",
"id": "CVE-2021-33316"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3023"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-40314"
},
{
"date": "2022-05-11T00:00:00",
"db": "VULMON",
"id": "CVE-2021-33316"
},
{
"date": "2023-08-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-019613"
},
{
"date": "2022-05-11T18:15:22.723000",
"db": "NVD",
"id": "CVE-2021-33316"
},
{
"date": "2022-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3023"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-40314"
},
{
"date": "2022-05-20T00:00:00",
"db": "VULMON",
"id": "CVE-2021-33316"
},
{
"date": "2023-08-07T08:16:00",
"db": "JVNDB",
"id": "JVNDB-2021-019613"
},
{
"date": "2022-07-12T17:42:04.277000",
"db": "NVD",
"id": "CVE-2021-33316"
},
{
"date": "2022-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3023"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3023"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0TRENDnet\u00a0 Product input verification vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019613"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3023"
}
],
"trust": 0.6
}
}
VAR-202205-0842
Vulnerability from variot - Updated: 2023-12-18 12:34The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of PortID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. ti-pg1284i firmware, ti-g102i firmware, ti-g160i firmware etc. TRENDnet The product contains an input validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TRENDnet TI-PG Series is a series of switches from American Trend Network (TRENDnet) company.
TRENDnet TI-PG1284i versions prior to 2.0.2.S0 have security vulnerabilities, and no detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-0842",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ti-pg1284i",
"scope": "lt",
"trust": 1.0,
"vendor": "trendnet",
"version": "2.0.2.s0"
},
{
"model": "ti-pg541i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "tpe-30102ws",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-rp262i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg102i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g642i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g160i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g102i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "teg-30102ws",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg102i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g160i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg1284i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg541i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "tpe-30102ws",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "teg-30102ws",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g102i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g642i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-rp262i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg1284i \u003c2.0.2.s0",
"scope": null,
"trust": 0.6,
"vendor": "trendnet",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40308"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019614"
},
{
"db": "NVD",
"id": "CVE-2021-33315"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-pg1284i_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.2.s0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-pg1284i:2.0r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-g102i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-g102i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-g160i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-g160i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-g642i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-g642i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-pg102i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-pg102i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-pg541i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-pg541i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-rp262i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-rp262i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:teg-30102ws_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:teg-30102ws:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:tpe-30102ws_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:tpe-30102ws:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33315"
}
]
},
"cve": "CVE-2021-33315",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-33315",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-40308",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-33315",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-33315",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2022-40308",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-3021",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2021-33315",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40308"
},
{
"db": "VULMON",
"id": "CVE-2021-33315"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019614"
},
{
"db": "NVD",
"id": "CVE-2021-33315"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3021"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of PortID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. ti-pg1284i firmware, ti-g102i firmware, ti-g160i firmware etc. TRENDnet The product contains an input validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TRENDnet TI-PG Series is a series of switches from American Trend Network (TRENDnet) company. \n\r\n\r\nTRENDnet TI-PG1284i versions prior to 2.0.2.S0 have security vulnerabilities, and no detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33315"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019614"
},
{
"db": "CNVD",
"id": "CNVD-2022-40308"
},
{
"db": "VULMON",
"id": "CVE-2021-33315"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-33315",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019614",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-40308",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3021",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-33315",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40308"
},
{
"db": "VULMON",
"id": "CVE-2021-33315"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019614"
},
{
"db": "NVD",
"id": "CVE-2021-33315"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3021"
}
]
},
"id": "VAR-202205-0842",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40308"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40308"
}
]
},
"last_update_date": "2023-12-18T12:34:29.314000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for TRENDnet TI-PG1284i Integer Underflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/333686"
},
{
"title": "TRENDnet TI-PG Series Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=199824"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40308"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3021"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Inappropriate input confirmation (CWE-20) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019614"
},
{
"db": "NVD",
"id": "CVE-2021-33315"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trendnet.com/support/view.asp?cat=4\u0026id=81"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33315"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-33315/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/191.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40308"
},
{
"db": "VULMON",
"id": "CVE-2021-33315"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019614"
},
{
"db": "NVD",
"id": "CVE-2021-33315"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3021"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-40308"
},
{
"db": "VULMON",
"id": "CVE-2021-33315"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019614"
},
{
"db": "NVD",
"id": "CVE-2021-33315"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3021"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-40308"
},
{
"date": "2022-05-11T00:00:00",
"db": "VULMON",
"id": "CVE-2021-33315"
},
{
"date": "2023-08-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-019614"
},
{
"date": "2022-05-11T18:15:22.580000",
"db": "NVD",
"id": "CVE-2021-33315"
},
{
"date": "2022-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3021"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-40308"
},
{
"date": "2022-05-20T00:00:00",
"db": "VULMON",
"id": "CVE-2021-33315"
},
{
"date": "2023-08-07T08:16:00",
"db": "JVNDB",
"id": "JVNDB-2021-019614"
},
{
"date": "2022-07-12T17:42:04.277000",
"db": "NVD",
"id": "CVE-2021-33315"
},
{
"date": "2022-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3021"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3021"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0TRENDnet\u00a0 Product input verification vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019614"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3021"
}
],
"trust": 0.6
}
}
VAR-202205-0578
Vulnerability from variot - Updated: 2023-12-18 12:26The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference. ti-pg1284i firmware, ti-g102i firmware, ti-g160i firmware etc. TRENDnet TI-PG Series is a series of switches from American Trend Network (TRENDnet) company
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-0578",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ti-pg1284i",
"scope": "lt",
"trust": 1.0,
"vendor": "trendnet",
"version": "2.0.2.s0"
},
{
"model": "ti-pg541i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "tpe-30102ws",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-rp262i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg102i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g642i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g160i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g102i",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "teg-30102ws",
"scope": "eq",
"trust": 1.0,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg102i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g160i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg1284i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg541i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "tpe-30102ws",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "teg-30102ws",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g102i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-g642i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-rp262i",
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"model": "ti-pg1284i \u003c2.0.2.s0",
"scope": null,
"trust": 0.6,
"vendor": "trendnet",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40315"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019612"
},
{
"db": "NVD",
"id": "CVE-2021-33317"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-pg1284i_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.2.s0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-pg1284i:2.0r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-g102i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-g102i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-g160i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-g160i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-g642i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-g642i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-pg102i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-pg102i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-pg541i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-pg541i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:ti-rp262i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:ti-rp262i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:teg-30102ws_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:teg-30102ws:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:trendnet:tpe-30102ws_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:trendnet:tpe-30102ws:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33317"
}
]
},
"cve": "CVE-2021-33317",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-33317",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-40315",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-33317",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-33317",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-40315",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-3024",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-33317",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40315"
},
{
"db": "VULMON",
"id": "CVE-2021-33317"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019612"
},
{
"db": "NVD",
"id": "CVE-2021-33317"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3024"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference. ti-pg1284i firmware, ti-g102i firmware, ti-g160i firmware etc. TRENDnet TI-PG Series is a series of switches from American Trend Network (TRENDnet) company",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-33317"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019612"
},
{
"db": "CNVD",
"id": "CNVD-2022-40315"
},
{
"db": "VULMON",
"id": "CVE-2021-33317"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-33317",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019612",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-40315",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3024",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-33317",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40315"
},
{
"db": "VULMON",
"id": "CVE-2021-33317"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019612"
},
{
"db": "NVD",
"id": "CVE-2021-33317"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3024"
}
]
},
"id": "VAR-202205-0578",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40315"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40315"
}
]
},
"last_update_date": "2023-12-18T12:26:13.362000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for TRENDnet TI-PG1284i Null Pointer Dereference Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/333696"
},
{
"title": "TRENDnet TI-PG1284i Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=193704"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40315"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3024"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "NULL Pointer dereference (CWE-476) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019612"
},
{
"db": "NVD",
"id": "CVE-2021-33317"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.trendnet.com/support/view.asp?cat=4\u0026id=81"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33317"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-33317/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-40315"
},
{
"db": "VULMON",
"id": "CVE-2021-33317"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019612"
},
{
"db": "NVD",
"id": "CVE-2021-33317"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3024"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-40315"
},
{
"db": "VULMON",
"id": "CVE-2021-33317"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019612"
},
{
"db": "NVD",
"id": "CVE-2021-33317"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-3024"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-40315"
},
{
"date": "2022-05-11T00:00:00",
"db": "VULMON",
"id": "CVE-2021-33317"
},
{
"date": "2023-08-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-019612"
},
{
"date": "2022-05-11T18:15:22.783000",
"db": "NVD",
"id": "CVE-2021-33317"
},
{
"date": "2022-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3024"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-40315"
},
{
"date": "2022-05-20T00:00:00",
"db": "VULMON",
"id": "CVE-2021-33317"
},
{
"date": "2023-08-07T08:16:00",
"db": "JVNDB",
"id": "JVNDB-2021-019612"
},
{
"date": "2022-05-20T15:38:02.560000",
"db": "NVD",
"id": "CVE-2021-33317"
},
{
"date": "2022-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-3024"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3024"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0TRENDnet\u00a0 In the product \u00a0NULL\u00a0 Pointer dereference vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019612"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-3024"
}
],
"trust": 0.6
}
}