CVE-2022-45854

An improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6.50(ABTG.0)C0, which could allow a LAN attacker to cause a temporary denial-of-service (DoS) by sending crafted VLAN frames if the MAC address of the vulnerable AP were intercepted by the attacker.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
ZyxelCNA
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
zyxelnwa110ax_firmware
𝑥
≤ 6.45\(abtg.0\)c0
zyxelnwa210ax_firmware
𝑥
≤ 6.45\(abtd.0\)c0
zyxelwax510d_firmware
𝑥
≤ 6.45\(abtf.0\)c0
zyxelwax610d_firmware
𝑥
≤ 6.45\(abte.0\)c0
zyxelwax630s_firmware
𝑥
≤ 6.45\(abzd.0\)c0
zyxelwax650s_firmware
𝑥
≤ 6.45\(abrm.0\)c0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-aps
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-aps