CVE-2021-21966

Summary

An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP request to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aTexas InstrumentsTexas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0,Sealevel Systems, Inc. SeaConnect 370W v1.3.34affected

Weaknesses

  • CWE-457: CWE-457: Use of Uninitialized Variable

ADP Enrichment

CVE Program Container

Additional References

References