CVE-2021-28845

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-755AP version 1.11B03 TRENDnet TEW-755AP2KAC version 1.11B03 TRENDnet TEW-821DAP2KAC version 1.11B03 TRENDnet TEW-825DAP version 1.11B03

Description: A Null Pointer Dereference issue exists, which could allow a remote malicious user to cause a denial of service by sending a POST request to "apply cgi" via the "lang" action without a language key.

Recommendations: For TRENDnet TEW-755AP version 1.11B03, consider disabling the "apply cgi" function via the "lang" action until a patch is available. For TRENDnet TEW-755AP2KAC version 1.11B03, consider disabling the "apply cgi" function via the "lang" action until a patch is available. For TRENDnet TEW-821DAP2KAC version 1.11B03, consider disabling the "apply cgi" function via the "lang" action until a patch is available. For TRENDnet TEW-825DAP version 1.11B03, consider disabling the "apply cgi" function via the "lang" action until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.