An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP request to trigger this vulnerability.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1393 | Exploit Third Party Advisory |
https://www.ti.com/lit/an/swra740/swra740.pdf?ts=1645536893264& | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Jul 2022, 11:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-908 |
28 Apr 2022, 13:46
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2021-1393 - Exploit, Third Party Advisory |
24 Feb 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2021-1393 - Broken Link | |
CPE | cpe:2.3:h:ti:cc3100:-:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3220s:-:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3230s:-:*:*:*:*:*:*:* cpe:2.3:a:ti:simplelink_cc32xx_software_development_kit:*:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3230sf:-:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3200:-:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3235sf:-:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3135:-:*:*:*:*:*:*:* cpe:2.3:o:ti:cc3100_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3235s:-:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3220r:-:*:*:*:*:*:*:* cpe:2.3:o:ti:cc3200_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3130:-:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3220sf:-:*:*:*:*:*:*:* cpe:2.3:h:ti:cc3120:-:*:*:*:*:*:*:* |
|
CWE | CWE-444 | |
First Time |
Ti cc3220s
Ti cc3100 Ti cc3235s Ti cc3100 Firmware Ti simplelink Cc32xx Software Development Kit Ti cc3220sf Ti cc3230s Ti cc3120 Ti cc3220r Ti cc3235sf Ti cc3230sf Ti cc3200 Ti cc3130 Ti cc3200 Firmware Ti cc3135 Ti |
|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 5.3 |
16 Feb 2022, 18:00
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-16 17:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-21966
Mitre link : CVE-2021-21966
CVE.ORG link : CVE-2021-21966
JSON object : View
Products Affected
ti
- cc3230s
- cc3220sf
- cc3200_firmware
- cc3100_firmware
- cc3130
- cc3220s
- cc3235sf
- cc3220r
- cc3120
- cc3235s
- cc3100
- simplelink_cc32xx_software_development_kit
- cc3200
- cc3230sf
- cc3135