CVE-2022-45854

An improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6.50(ABTG.0)C0, which could allow a LAN attacker to cause a temporary denial-of-service (DoS) by sending crafted VLAN frames if the MAC address of the vulnerable AP were intercepted by the attacker.

Published: Feb 7, 2023
Updated: Dec 30, 2023
CVE: CVE-2022-45854
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWEs:

CWE-754

Affected Software
References

Software	From	Fixed in
zyxel / nwa110ax_firmware	-	6.45\(abtg.0\)c0.x
zyxel / nwa210ax_firmware	-	6.45\(abtd.0\)c0.x
zyxel / wax510d_firmware	-	6.45\(abtf.0\)c0.x
zyxel / wax610d_firmware	-	6.45\(abte.0\)c0.x
zyxel / wax630s_firmware	-	6.45\(abzd.0\)c0.x
zyxel / wax650s_firmware	-	6.45\(abrm.0\)c0.x

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-aps

Vulnerability Database

289,784

CVE-2022-45854