CVE-2025-2956

Name of the Vulnerable Software and Affected Versions TRENDnet TI-G102i versions 1.0.7.S0 through 1.0.8.S0

Description A vulnerability was found in the HTTP Request Handler component, affecting the function plugins call handle uri raw of the file /usr/sbin/lighttpd. This issue leads to a null pointer dereference. The attack can only be done within the local network.

Recommendations For TRENDnet TI-G102i versions 1.0.7.S0 through 1.0.8.S0 , as a temporary workaround, consider disabling the plugins call handle uri raw function until a patch is available. Restrict access to the /usr/sbin/lighttpd file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.