CVE-2021-33316
Summary
| CVE | CVE-2021-33316 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-05-11 18:15:00 UTC |
| Updated | 2022-07-12 17:42:00 UTC |
| Description | The TRENDnet TI-PG1284i switch(hw v2.0R) prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of ChassisID TLV, by sending a crafted lldp packet to the device, integer underflow would occur and the negative number will be passed to memcpy() later, which may cause buffer overflow or invalid memory access. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Trendnet | Teg-30102ws | - | All | All | All |
| Operating System | Trendnet | Teg-30102ws Firmware | - | All | All | All |
| Hardware | Trendnet | Ti-g102i | - | All | All | All |
| Operating System | Trendnet | Ti-g102i Firmware | - | All | All | All |
| Hardware | Trendnet | Ti-g160i | - | All | All | All |
| Operating System | Trendnet | Ti-g160i Firmware | - | All | All | All |
| Hardware | Trendnet | Ti-g642i | - | All | All | All |
| Operating System | Trendnet | Ti-g642i Firmware | - | All | All | All |
| Hardware | Trendnet | Ti-pg102i | - | All | All | All |
| Operating System | Trendnet | Ti-pg102i Firmware | - | All | All | All |
| Hardware | Trendnet | Ti-pg1284i | 2.0r | All | All | All |
| Operating System | Trendnet | Ti-pg1284i Firmware | All | All | All | All |
| Hardware | Trendnet | Ti-pg541i | - | All | All | All |
| Operating System | Trendnet | Ti-pg541i Firmware | - | All | All | All |
| Hardware | Trendnet | Ti-rp262i | - | All | All | All |
| Operating System | Trendnet | Ti-rp262i Firmware | - | All | All | All |
| Hardware | Trendnet | Tpe-30102ws | - | All | All | All |
| Operating System | Trendnet | Tpe-30102ws Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Warranty Policy | TRENDnet | MISC | www.trendnet.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.