Null Pointer Dereference Vulnerability in TRENDnet TI-PG1284i Switch (hw v2.0R)

Null Pointer Dereference Vulnerability in TRENDnet TI-PG1284i Switch (hw v2.0R)

CVE-2021-33317 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an attacker can crash the process due to null pointer dereference.

Learn more about our Web Application Penetration Testing UK.