Sign-up

ID

VAR-202108-1041


CVE

CVE-2021-28842


TITLE

plural  TRENDnet  In the product  NULL  Pointer dereference vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-009682

DESCRIPTION

Null Pointer Deference vulnerability exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial os service by sending the POST request to apply_cgi via action do_graph_auth without login_name key. plural TRENDnet The product has NULL A pointer dereference vulnerability exists.Denial of service (DoS) It may be put into a state

Trust: 1.71

sources: NVD: CVE-2021-28842 // JVNDB: JVNDB-2021-009682 // VULMON: CVE-2021-28842

AFFECTED PRODUCTS

vendor:trendnetmodel:tew-825dapscope:eqversion:1.11b03

Trust: 1.0

vendor:trendnetmodel:tew-821dap2kacscope:eqversion:1.11b03

Trust: 1.0

vendor:trendnetmodel:tew-755ap2kacscope:eqversion:1.11b03

Trust: 1.0

vendor:trendnetmodel:tew-755apscope:eqversion:1.11b03

Trust: 1.0

vendor:trendnetmodel:tew-755ap2kacscope: - version: -

Trust: 0.8

vendor:trendnetmodel:tew-825dapscope: - version: -

Trust: 0.8

vendor:trendnetmodel:tew-755apscope: - version: -

Trust: 0.8

vendor:trendnetmodel:tew-821dap2kacscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-009682 // NVD: CVE-2021-28842

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-28842
value: HIGH

Trust: 1.0

NVD: CVE-2021-28842
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202108-1012
value: HIGH

Trust: 0.6

VULMON: CVE-2021-28842
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-28842
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2021-28842
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-28842
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2021-28842 // JVNDB: JVNDB-2021-009682 // CNNVD: CNNVD-202108-1012 // NVD: CVE-2021-28842

PROBLEMTYPE DATA

problemtype:CWE-476

Trust: 1.0

problemtype:NULL Pointer dereference (CWE-476) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-009682 // NVD: CVE-2021-28842

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202108-1012

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202108-1012

PATCH

title:SUPPORT TICKET #243638url:https://github.com/zyw-200/EQUAFL/blob/main/TRENDnet%20ticket.pdf

Trust: 0.8

sources: JVNDB: JVNDB-2021-009682

EXTERNAL IDS

db:NVDid:CVE-2021-28842

Trust: 3.3

db:JVNDBid:JVNDB-2021-009682

Trust: 0.8

db:CNNVDid:CNNVD-202108-1012

Trust: 0.6

db:VULMONid:CVE-2021-28842

Trust: 0.1

sources: VULMON: CVE-2021-28842 // JVNDB: JVNDB-2021-009682 // CNNVD: CNNVD-202108-1012 // NVD: CVE-2021-28842

REFERENCES

url:https://github.com/zyw-200/equafl/blob/main/trendnet%20ticket.pdf

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-28842

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/476.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2021-28842 // JVNDB: JVNDB-2021-009682 // CNNVD: CNNVD-202108-1012 // NVD: CVE-2021-28842

SOURCES

db:VULMONid:CVE-2021-28842
db:JVNDBid:JVNDB-2021-009682
db:CNNVDid:CNNVD-202108-1012
db:NVDid:CVE-2021-28842

LAST UPDATE DATE

2024-08-14T13:43:25.545000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2021-28842date:2021-08-16T00:00:00
db:JVNDBid:JVNDB-2021-009682date:2022-05-17T07:09:00
db:CNNVDid:CNNVD-202108-1012date:2021-08-17T00:00:00
db:NVDid:CVE-2021-28842date:2021-08-16T20:36:50.893

SOURCES RELEASE DATE

db:VULMONid:CVE-2021-28842date:2021-08-10T00:00:00
db:JVNDBid:JVNDB-2021-009682date:2022-05-17T00:00:00
db:CNNVDid:CNNVD-202108-1012date:2021-08-10T00:00:00
db:NVDid:CVE-2021-28842date:2021-08-10T19:15:07.707