{"document":{"acknowledgments":[{"urls":["https://kb.cert.org/vuls/id/855201#acknowledgements"]}],"category":"CERT/CC Vulnerability Note","csaf_version":"2.0","notes":[{"category":"summary","text":"### Overview\r\nLayer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted packets through vulnerable devices to cause Denial-of-service (DoS) or to perform a man-in-the-middle (MitM) attack against a target network.\r\n\r\n### Description\r\nThis vulnerability exists within Ethernet encapsulation protocols that allow for stacking of Virtual Local Area Network (VLAN) headers.  Network standards such as  [IEEE 802.1Q-1998]( https://standards.ieee.org/standard/802_1Q-1998.html) and [IEEE 802.3](https://standards.ieee.org/standard/802_3-2018.html) define a system of tagging Ethernet frames that help isolate networks to provide virtual networking capability.  IEEE standard [802.1ad](https://standards.ieee.org/standard/802_1ad-2005.html), also known as QinQ, allows for the stacking of these VLAN tags, extending the VLAN capability into multiple network segments. This widely adopted Ethernet feature is also referred to as \"provider bridging\" and \"stacked VLANs\".  In order to properly isolate and protect these virtual networks, many network devices and operating systems provide an L2 network filtering capability.   It is important to note that in modern computing environments , such as Cloud based virtualization and virtual networking, the L2 network capability is extended beyond the local area networks.  This can lead to exposure of this vulnerabilities in unintended ways to the larger Internet.\r\n\r\n\r\nThe identified vulnerabilities allow an attacker to bypass the security controls by stacking encapsulating headers. This is done by stacking a combination of one or more VLAN 0 (priority tag) headers and [802.2](https://standards.ieee.org/standard/802_2-1985.html) LLC/SNAP headers.  An attacker can send these crafted network packets and exploit vulnerable devices by bypassing their inspection and filtering capabilities.   Some examples of bypassed L2 inspections include, but are not limited to, [Dynamic ARP inspection](https://www.networkacademy.io/ccna/network-security/dynamic-arp-inspection-dai), [IPv6 Neighbor Discovery]( https://datatracker.ietf.org/doc/rfc4861/) (ND) protection, and [IPv6 RA Guard](https://datatracker.ietf.org/doc/html/rfc6105). \r\n\r\n**CVE-2021-27853**\r\nLayer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.\r\n\r\n**CVE-2021-27854**\r\nLayer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers in Ethernet to Wifi frame translation and the reverse Wifi to Ethernet.\r\n\r\n**CVE-2021-27861**\r\nLayer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers).\r\n\r\n**CVE-2021-27862**\r\nLayer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).\r\n\r\n### Impact\r\nAn attacker can bypass security controls and deceive a locally connected target host to route traffic to arbitrary destinations.  Victim devices experience either a DoS (blackholing traffic) or MitM (observing the unencrypted traffic and maybe breaking encryption). \r\n\r\n### Solution\r\n#### Apply Updates\r\nInstall vendor-provided patches and updates to ensure malicious content is blocked or rejected by the security controls (such as RA Guard), thereby blocking router advertisements or other network configuration related advertisements that originate on host ports.\r\n\r\n#### Inspect and Block Router Advertisements\r\nUtilize the interface security controls on your router or managed switch to perform DHCP snooping, IPv6 RA guard, IP source guard, and ARP/ND inspection. It is also recommended to only allow needed protocol on access ports (ARP/ICMP/IPv4/IPv6), some applications may have additional needs so be prepared to modify the allow list as needed. \r\n\r\n### Acknowledgements\r\nThanks to Etienne Champetier for reporting this vulnerability. \r\n\r\nThis document was written by Timur Snoke.","title":"Summary"},{"category":"legal_disclaimer","text":"THIS DOCUMENT IS PROVIDED ON AN 'AS IS' BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. ","title":"Legal Disclaimer"},{"category":"other","text":"CERT/CC Vulnerability Note is a limited advisory. It primarily identifies vendors impacted by the advisory and not specific products. We only support \"known_affected\" and \"known_not_affected\" status. Please consult the vendor's statements and advisory URL if provided by the vendor for more details ","title":"Limitations of Advisory"},{"category":"other","text":"we believe we are not susceptible to this attack due to design differences within our products.","title":"Vendor statment from Digi International"},{"category":"other","text":"MikroTik devices do no support IPv6 RA guard and are not affected.","title":"Vendor statment from MikroTik"},{"category":"other","text":"Arista Networks has products affected by these issues. Complete details, including how to fix the issue, can be found at: https://www.arista.com/en/support/advisories-notices/security-advisory/16276-security-advisory-0080","title":"Vendor statment from Arista Networks"},{"category":"other","text":"None of Synology's products are affected by CVE-2021-27853, CVE-2021-27854, CVE-2021-27861, and CVE-2021-27862 as these vulnerabilities only affect when Layer 2 security features like RA Guard is implemented.","title":"Vendor statment from Synology"},{"category":"other","text":"No Brocade Fibre Channel Products from Broadcom products are currently known to be affected by this vulnerability.","title":"Vendor statment from Brocade Communication Systems"},{"category":"other","text":"Cisco will publish an advisory regarding affected products and versions once the embargo is lifted. PSIRT-0213940748","title":"Vendor statment from Cisco"},{"category":"other","text":"Advantech ICR-xxxx products don't provide bridge VLAN firewalling.","title":"Vendor statment from Advantech Czech"},{"category":"other","text":"For devices using IPv6 RA Guard or devices using DHCP security services please upgrade to these releases if there is a concern: Junos OS 21.2R3-S3, 21.3R3-S1, 21.4R2-S2, 21.4R3, 22.1R1-S2, 22.1R2, 22.1R3, 22.2R2, 22.3R1, 22.4R1, or subsequent releases. There are no workarounds.","title":"Vendor statment from Juniper Networks"},{"category":"other","text":"The teams at HP Inc. has confirmed that none of our products are affected by these issues.","title":"Vendor statment from HP Inc."},{"category":"other","text":"This vulnerability is not applicable to any Muonics, Inc. products that exist at this time.","title":"Vendor statment from Muonics Inc."},{"category":"other","text":"OpenWrt does not support Layer 2 security features like RA Guard and is not affected by this problem.","title":"Vendor statment from OpenWRT"},{"category":"other","text":"After review it has been determined that the Android OS has no security impact from these vulnerabilities.","title":"Vendor statment from Android Open Source Project"},{"category":"other","text":"We have no Switches produced by any vendors for us","title":"Vendor statment from Deutsche Telekom"},{"category":"other","text":"No F5 products are affected by the issues described here","title":"Vendor statment from F5 Networks"}],"publisher":{"category":"coordinator","contact_details":"Email: cert@cert.org, Phone: +1412 268 5800","issuing_authority":"CERT/CC under DHS/CISA https://www.cisa.gov/cybersecurity also see https://kb.cert.org/ ","name":"CERT/CC","namespace":"https://kb.cert.org/"},"references":[{"url":"https://certcc.github.io/certcc_disclosure_policy","summary":"CERT/CC vulnerability disclosure policy"},{"summary":"CERT/CC document released","category":"self","url":"https://kb.cert.org/vuls/id/855201"},{"url":"https://blog.champtar.fr/VLAN0/","summary":"https://blog.champtar.fr/VLAN0/"},{"url":"https://blog.champtar.fr/VLAN0_LLC_SNAP/","summary":"https://blog.champtar.fr/VLAN0_LLC_SNAP/"},{"url":"https://www.networkacademy.io/ccna/network-security/dynamic-arp-inspection-dai","summary":"https://www.networkacademy.io/ccna/network-security/dynamic-arp-inspection-dai"},{"url":"https://lore.kernel.org/netdev/CAOdf3grDKBkYmt54ZAzG1zZ6zz1JXeoHSv67_Fc9-nRiY662mQ@mail.gmail.com/","summary":"https://lore.kernel.org/netdev/CAOdf3grDKBkYmt54ZAzG1zZ6zz1JXeoHSv67_Fc9-nRiY662mQ@mail.gmail.com/"},{"url":"https://bugs.launchpad.net/neutron/+bug/1884341","summary":"https://bugs.launchpad.net/neutron/+bug/1884341"},{"url":"https://standards.ieee.org/standard/802_1Q-1998.html","summary":"https://standards.ieee.org/standard/802_1Q-1998.html"},{"url":"https://standards.ieee.org/standard/802_2-1985.html","summary":"https://standards.ieee.org/standard/802_2-1985.html"},{"url":"https://standards.ieee.org/standard/802_3-2018.html","summary":"https://standards.ieee.org/standard/802_3-2018.html"},{"url":"https://standards.ieee.org/standard/802_1ad-2005.html","summary":"https://standards.ieee.org/standard/802_1ad-2005.html"},{"url":"https://blogs.nwkings.com/what-is-dai-dynamic-arp-inspection/","summary":"https://blogs.nwkings.com/what-is-dai-dynamic-arp-inspection/"},{"url":"https://datatracker.ietf.org/doc/rfc4861/","summary":"https://datatracker.ietf.org/doc/rfc4861/"},{"url":"https://datatracker.ietf.org/doc/html/rfc6105","summary":"https://datatracker.ietf.org/doc/html/rfc6105"},{"url":"https://www.ieee802.org/1/files/public/docs2022/q-rev-seaman-vlan-tag-encoding-ppt-0122-v0.pdf","summary":"https://www.ieee802.org/1/files/public/docs2022/q-rev-seaman-vlan-tag-encoding-ppt-0122-v0.pdf"},{"url":"https://my.f5.com/manage/s/article/K45012151","summary":"Reference(s) from vendor \"F5 Networks\""}],"title":"L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers","tracking":{"current_release_date":"2025-12-15T16:07:54+00:00","generator":{"engine":{"name":"VINCE","version":"3.0.35"}},"id":"VU#855201","initial_release_date":"2022-09-27 16:13:51.893192+00:00","revision_history":[{"date":"2025-12-15T16:07:54+00:00","number":"1.20251215160754.10","summary":"Released on 2025-12-15T16:07:54+00:00"}],"status":"final","version":"1.20251215160754.10"}},"vulnerabilities":[{"title":"Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers).","notes":[{"category":"summary","text":"Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)"}],"cve":"CVE-2021-27861","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#855201"}],"product_status":{"known_affected":["CSAFPID-2f96c45a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f98f356-39d5-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-2f951a38-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f958a40-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f95b178-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f96405c-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f96770c-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f969ec6-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f96ec32-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f972c10-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f975c12-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9782c8-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f97bbf8-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f97ecb8-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f982d4a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f986800-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9899d8-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f98cb6a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f99243e-39d5-11f1-8422-122e2785dc9f"]}},{"title":"Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).","notes":[{"category":"summary","text":"Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers)."}],"cve":"CVE-2021-27862","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#855201"}],"product_status":{"known_affected":["CSAFPID-2f9b812a-39d5-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-2f99c380-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9a1f10-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9a4684-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9ac3e8-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9b029a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9b4822-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9bba46-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9be2aa-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9c0816-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9c46be-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9c6e5a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9c9dd0-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9ccce2-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9cf758-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9d2fa2-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9d584c-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9d84ac-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9dacde-39d5-11f1-8422-122e2785dc9f"]}},{"title":"Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.","notes":[{"category":"summary","text":"Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse."}],"cve":"CVE-2021-27854","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#855201"}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28444","summary":"This was addressed as part of the April Patch Tuesday release.","category":"external"}],"product_status":{"known_affected":["CSAFPID-2f9eb71e-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9f70c8-39d5-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-2f9e25c4-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9e5df0-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9e90fe-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9ef2a6-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9f1a88-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9f47f6-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9f9576-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9fcc26-39d5-11f1-8422-122e2785dc9f","CSAFPID-2f9ff5f2-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa01a82-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa04b6a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa07a5e-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa0a10a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa0d4a4-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa12508-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa15ea6-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa1857a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa1b48c-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa1f7e4-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa24a5a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa2868c-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa2b6de-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa2ebd6-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa32cfe-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa3699e-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa3d4e2-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa407f0-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa42fe6-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa46434-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa489aa-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa4bb64-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa4edf0-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa5207c-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa54e94-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa57586-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa5c680-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa60ac8-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa644de-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa66edc-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa69e52-39d5-11f1-8422-122e2785dc9f"]}},{"title":"Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.","notes":[{"category":"summary","text":"Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers."}],"cve":"CVE-2021-27853","ids":[{"system_name":"CERT/CC V Identifier ","text":"VU#855201"}],"product_status":{"known_affected":["CSAFPID-2fa7ec58-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa8b6e2-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fae174a-39d5-11f1-8422-122e2785dc9f"],"known_not_affected":["CSAFPID-2fa74316-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa77624-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa7aefa-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa83492-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa86854-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa88e92-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa8dcbc-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa900d4-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa93914-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa95fb6-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa992ba-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa9bf10-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fa9f5de-39d5-11f1-8422-122e2785dc9f","CSAFPID-2faa4390-39d5-11f1-8422-122e2785dc9f","CSAFPID-2faa82ce-39d5-11f1-8422-122e2785dc9f","CSAFPID-2faaaa4c-39d5-11f1-8422-122e2785dc9f","CSAFPID-2faad364-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fab26fc-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fab4f06-39d5-11f1-8422-122e2785dc9f","CSAFPID-2faba2da-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fabd3ae-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fac055e-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fac3fce-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fac7674-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fad001c-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fad28e4-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fad6b7e-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fad9e00-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fadc5b0-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fae5ab6-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fae9a8a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2faec0f0-39d5-11f1-8422-122e2785dc9f","CSAFPID-2faee8a0-39d5-11f1-8422-122e2785dc9f","CSAFPID-2faf0f24-39d5-11f1-8422-122e2785dc9f","CSAFPID-2faf392c-39d5-11f1-8422-122e2785dc9f","CSAFPID-2faf777a-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fafaa4c-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fafecdc-39d5-11f1-8422-122e2785dc9f","CSAFPID-2fb015d6-39d5-11f1-8422-122e2785dc9f"]}}],"product_tree":{"branches":[{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-2f951a38-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Brocade Communication Systems","product":{"name":"Brocade Communication Systems Products","product_id":"CSAFPID-2f955214-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Palo Alto Networks","product":{"name":"Palo Alto Networks Products","product_id":"CSAFPID-2f958a40-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"D-Link Systems Inc.","product":{"name":"D-Link Systems Inc. Products","product_id":"CSAFPID-2f95b178-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-2f960b64-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Untangle","product":{"name":"Untangle Products","product_id":"CSAFPID-2f96405c-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-2f96770c-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-2f969ec6-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-2f96c45a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lwIP","product":{"name":"lwIP Products","product_id":"CSAFPID-2f96ec32-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wind River","product":{"name":"Wind River Products","product_id":"CSAFPID-2f972c10-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Miredo","product":{"name":"Miredo Products","product_id":"CSAFPID-2f975c12-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Advantech Czech","product":{"name":"Advantech Czech Products","product_id":"CSAFPID-2f9782c8-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NVIDIA","product":{"name":"NVIDIA Products","product_id":"CSAFPID-2f97bbf8-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Digi International","product":{"name":"Digi International Products","product_id":"CSAFPID-2f97ecb8-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AVM GmbH","product":{"name":"AVM GmbH Products","product_id":"CSAFPID-2f982d4a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cradlepoint","product":{"name":"Cradlepoint Products","product_id":"CSAFPID-2f986800-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-2f9899d8-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Android Open Source Project","product":{"name":"Android Open Source Project Products","product_id":"CSAFPID-2f98cb6a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-2f98f356-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-2f99243e-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-2f99c380-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Brocade Communication Systems","product":{"name":"Brocade Communication Systems Products","product_id":"CSAFPID-2f99f882-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Palo Alto Networks","product":{"name":"Palo Alto Networks Products","product_id":"CSAFPID-2f9a1f10-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"D-Link Systems Inc.","product":{"name":"D-Link Systems Inc. Products","product_id":"CSAFPID-2f9a4684-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-2f9a7082-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Untangle","product":{"name":"Untangle Products","product_id":"CSAFPID-2f9ac3e8-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-2f9b029a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-2f9b4822-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-2f9b812a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lwIP","product":{"name":"lwIP Products","product_id":"CSAFPID-2f9bba46-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wind River","product":{"name":"Wind River Products","product_id":"CSAFPID-2f9be2aa-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Miredo","product":{"name":"Miredo Products","product_id":"CSAFPID-2f9c0816-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Advantech Czech","product":{"name":"Advantech Czech Products","product_id":"CSAFPID-2f9c46be-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NVIDIA","product":{"name":"NVIDIA Products","product_id":"CSAFPID-2f9c6e5a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Digi International","product":{"name":"Digi International Products","product_id":"CSAFPID-2f9c9dd0-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AVM GmbH","product":{"name":"AVM GmbH Products","product_id":"CSAFPID-2f9ccce2-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cradlepoint","product":{"name":"Cradlepoint Products","product_id":"CSAFPID-2f9cf758-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-2f9d2fa2-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Android Open Source Project","product":{"name":"Android Open Source Project Products","product_id":"CSAFPID-2f9d584c-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-2f9d84ac-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-2f9dacde-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-2f9e25c4-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Palo Alto Networks","product":{"name":"Palo Alto Networks Products","product_id":"CSAFPID-2f9e5df0-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-2f9e90fe-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-2f9eb71e-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Miredo","product":{"name":"Miredo Products","product_id":"CSAFPID-2f9ef2a6-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Untangle","product":{"name":"Untangle Products","product_id":"CSAFPID-2f9f1a88-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-2f9f47f6-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-2f9f70c8-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Advantech Czech","product":{"name":"Advantech Czech Products","product_id":"CSAFPID-2f9f9576-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NVIDIA","product":{"name":"NVIDIA Products","product_id":"CSAFPID-2f9fcc26-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Digi International","product":{"name":"Digi International Products","product_id":"CSAFPID-2f9ff5f2-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"HP Inc.","product":{"name":"HP Inc. Products","product_id":"CSAFPID-2fa01a82-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-2fa04b6a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AVM GmbH","product":{"name":"AVM GmbH Products","product_id":"CSAFPID-2fa07a5e-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cradlepoint","product":{"name":"Cradlepoint Products","product_id":"CSAFPID-2fa0a10a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Actiontec","product":{"name":"Actiontec Products","product_id":"CSAFPID-2fa0d4a4-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Peplink","product":{"name":"Peplink Products","product_id":"CSAFPID-2fa12508-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-2fa15ea6-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OpenWRT","product":{"name":"OpenWRT Products","product_id":"CSAFPID-2fa1857a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Dell","product":{"name":"Dell Products","product_id":"CSAFPID-2fa1b48c-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"D-Link Systems Inc.","product":{"name":"D-Link Systems Inc. Products","product_id":"CSAFPID-2fa1f7e4-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Treck","product":{"name":"Treck Products","product_id":"CSAFPID-2fa24a5a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Dell SecureWorks","product":{"name":"Dell SecureWorks Products","product_id":"CSAFPID-2fa2868c-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-2fa2b6de-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Check Point","product":{"name":"Check Point Products","product_id":"CSAFPID-2fa2ebd6-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"McAfee","product":{"name":"McAfee Products","product_id":"CSAFPID-2fa32cfe-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Android Open Source Project","product":{"name":"Android Open Source Project Products","product_id":"CSAFPID-2fa3699e-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Ceragon Networks Inc","product":{"name":"Ceragon Networks Inc Products","product_id":"CSAFPID-2fa39720-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Barracuda Networks","product":{"name":"Barracuda Networks Products","product_id":"CSAFPID-2fa3d4e2-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Deutsche Telekom","product":{"name":"Deutsche Telekom Products","product_id":"CSAFPID-2fa407f0-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Brocade Communication Systems","product":{"name":"Brocade Communication Systems Products","product_id":"CSAFPID-2fa42fe6-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Sierra Wireless","product":{"name":"Sierra Wireless Products","product_id":"CSAFPID-2fa46434-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"QNAP","product":{"name":"QNAP Products","product_id":"CSAFPID-2fa489aa-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wind River","product":{"name":"Wind River Products","product_id":"CSAFPID-2fa4bb64-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-2fa4edf0-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"netsnmp","product":{"name":"netsnmp Products","product_id":"CSAFPID-2fa5207c-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lwIP","product":{"name":"lwIP Products","product_id":"CSAFPID-2fa54e94-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Sophos","product":{"name":"Sophos Products","product_id":"CSAFPID-2fa57586-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Microsoft","product":{"name":"Microsoft Products","product_id":"CSAFPID-2fa59d0e-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-2fa5c680-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-2fa60ac8-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"HCC Embedded","product":{"name":"HCC Embedded Products","product_id":"CSAFPID-2fa644de-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Intel","product":{"name":"Intel Products","product_id":"CSAFPID-2fa66edc-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"MikroTik","product":{"name":"MikroTik Products","product_id":"CSAFPID-2fa69e52-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"F5 Networks","product":{"name":"F5 Networks Products","product_id":"CSAFPID-2fa74316-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Palo Alto Networks","product":{"name":"Palo Alto Networks Products","product_id":"CSAFPID-2fa77624-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Red Hat","product":{"name":"Red Hat Products","product_id":"CSAFPID-2fa7aefa-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Juniper Networks","product":{"name":"Juniper Networks Products","product_id":"CSAFPID-2fa7ec58-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Miredo","product":{"name":"Miredo Products","product_id":"CSAFPID-2fa83492-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Untangle","product":{"name":"Untangle Products","product_id":"CSAFPID-2fa86854-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Synology","product":{"name":"Synology Products","product_id":"CSAFPID-2fa88e92-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Arista Networks","product":{"name":"Arista Networks Products","product_id":"CSAFPID-2fa8b6e2-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Advantech Czech","product":{"name":"Advantech Czech Products","product_id":"CSAFPID-2fa8dcbc-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"NVIDIA","product":{"name":"NVIDIA Products","product_id":"CSAFPID-2fa900d4-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Digi International","product":{"name":"Digi International Products","product_id":"CSAFPID-2fa93914-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"HP Inc.","product":{"name":"HP Inc. Products","product_id":"CSAFPID-2fa95fb6-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Muonics Inc.","product":{"name":"Muonics Inc. Products","product_id":"CSAFPID-2fa992ba-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"AVM GmbH","product":{"name":"AVM GmbH Products","product_id":"CSAFPID-2fa9bf10-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cradlepoint","product":{"name":"Cradlepoint Products","product_id":"CSAFPID-2fa9f5de-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Actiontec","product":{"name":"Actiontec Products","product_id":"CSAFPID-2faa4390-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Peplink","product":{"name":"Peplink Products","product_id":"CSAFPID-2faa82ce-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"eCosCentric","product":{"name":"eCosCentric Products","product_id":"CSAFPID-2faaaa4c-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"OpenWRT","product":{"name":"OpenWRT Products","product_id":"CSAFPID-2faad364-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Dell","product":{"name":"Dell Products","product_id":"CSAFPID-2fab26fc-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"D-Link Systems Inc.","product":{"name":"D-Link Systems Inc. Products","product_id":"CSAFPID-2fab4f06-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Treck","product":{"name":"Treck Products","product_id":"CSAFPID-2faba2da-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Dell SecureWorks","product":{"name":"Dell SecureWorks Products","product_id":"CSAFPID-2fabd3ae-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Check Point","product":{"name":"Check Point Products","product_id":"CSAFPID-2fac055e-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"McAfee","product":{"name":"McAfee Products","product_id":"CSAFPID-2fac3fce-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Android Open Source Project","product":{"name":"Android Open Source Project Products","product_id":"CSAFPID-2fac7674-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Ceragon Networks Inc","product":{"name":"Ceragon Networks Inc Products","product_id":"CSAFPID-2facc3f4-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Barracuda Networks","product":{"name":"Barracuda Networks Products","product_id":"CSAFPID-2fad001c-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Deutsche Telekom","product":{"name":"Deutsche Telekom Products","product_id":"CSAFPID-2fad28e4-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Brocade Communication Systems","product":{"name":"Brocade Communication Systems Products","product_id":"CSAFPID-2fad6b7e-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Sierra Wireless","product":{"name":"Sierra Wireless Products","product_id":"CSAFPID-2fad9e00-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"QNAP","product":{"name":"QNAP Products","product_id":"CSAFPID-2fadc5b0-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Cisco","product":{"name":"Cisco Products","product_id":"CSAFPID-2fae174a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Wind River","product":{"name":"Wind River Products","product_id":"CSAFPID-2fae5ab6-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Aruba Networks","product":{"name":"Aruba Networks Products","product_id":"CSAFPID-2fae9a8a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"netsnmp","product":{"name":"netsnmp Products","product_id":"CSAFPID-2faec0f0-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"lwIP","product":{"name":"lwIP Products","product_id":"CSAFPID-2faee8a0-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Sophos","product":{"name":"Sophos Products","product_id":"CSAFPID-2faf0f24-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Paessler","product":{"name":"Paessler Products","product_id":"CSAFPID-2faf392c-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Fastly","product":{"name":"Fastly Products","product_id":"CSAFPID-2faf777a-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"HCC Embedded","product":{"name":"HCC Embedded Products","product_id":"CSAFPID-2fafaa4c-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"Intel","product":{"name":"Intel Products","product_id":"CSAFPID-2fafecdc-39d5-11f1-8422-122e2785dc9f"}},{"category":"vendor","name":"MikroTik","product":{"name":"MikroTik Products","product_id":"CSAFPID-2fb015d6-39d5-11f1-8422-122e2785dc9f"}}]}}