Vulnerabilities > CVE-2022-45854 - Improper Check for Unusual or Exceptional Conditions vulnerability in Zyxel products

CVSS 4.3 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

low complexity

zyxel

CWE-754

NVD

Published: 2023-02-07

Updated: 2023-12-29

Summary

An improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6.50(ABTG.0)C0, which could allow a LAN attacker to cause a temporary denial-of-service (DoS) by sending crafted VLAN frames if the MAC address of the vulnerable AP were intercepted by the attacker.

Vulnerable Configurations

Part	Description	Count
OS	Zyxel Zyxel Nwa110Ax Firmware 6.45\(Abtg.0\)C0 Zyxel Nwa210Ax Firmware 6.45\(Abtd.0\)C0 Zyxel Wax510D Firmware 6.45\(Abtf.0\)C0 Zyxel Wax610D Firmware 6.45\(Abte.0\)C0 Zyxel Wax630S Firmware - Zyxel Wax630S Firmware 6.45\(Abzd.0\)C0 Zyxel Wax650S Firmware 6.45\(Abrm.0\)C0	7
Hardware	Zyxel Zyxel Nwa110Ax - Zyxel Nwa210Ax - Zyxel Wax510D - Zyxel Wax610D - Zyxel Wax630S - Zyxel Wax650S -	6

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-aps