The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference.
2022-05-11T18:15:22.783
2024-11-21T06:08:40.580
Modified
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | trendnet | ti-pg1284i_firmware | < 2.0.2.s0 | Yes |
| Hardware | trendnet | ti-pg1284i | 2.0r | No |
| Operating System | trendnet | ti-g102i_firmware | - | Yes |
| Hardware | trendnet | ti-g102i | - | No |
| Operating System | trendnet | ti-g160i_firmware | - | Yes |
| Hardware | trendnet | ti-g160i | - | No |
| Operating System | trendnet | ti-g642i_firmware | - | Yes |
| Hardware | trendnet | ti-g642i | - | No |
| Operating System | trendnet | ti-pg102i_firmware | - | Yes |
| Hardware | trendnet | ti-pg102i | - | No |
| Operating System | trendnet | ti-pg541i_firmware | - | Yes |
| Hardware | trendnet | ti-pg541i | - | No |
| Operating System | trendnet | ti-rp262i_firmware | - | Yes |
| Hardware | trendnet | ti-rp262i | - | No |
| Operating System | trendnet | teg-30102ws_firmware | - | Yes |
| Hardware | trendnet | teg-30102ws | - | No |
| Operating System | trendnet | tpe-30102ws_firmware | - | Yes |
| Hardware | trendnet | tpe-30102ws | - | No |