CVE-2022-45854 — Improper Check for Unusual or Exceptional Conditions in Zyxel Nwa110ax Firmware

CWE-754 — Improper Check for Unusual or Exceptional Conditions3 documents3 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 53.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Zyxel Nwa110ax Firmware Zyxel Nwa210ax Firmware Zyxel Wax510d Firmware +3 more

Timeline

PublishedFeb 7

Description

An improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6.50(ABTG.0)C0, which could allow a LAN attacker to cause a temporary denial-of-service (DoS) by sending crafted VLAN frames if the MAC address of the vulnerable AP were intercepted by the attacker.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages7 packages

▶CVEListV5zyxel/nwa110ax_firmware< 6.50(ABTG.0)C0

▶NVDzyxel/nwa110ax_firmware6.45\(abtg.0\)c0

▶NVDzyxel/wax510d_firmware6.45\(abtf.0\)c0

▶NVDzyxel/wax610d_firmware6.45\(abte.0\)c0

▶NVDzyxel/wax630s_firmware6.45\(abzd.0\)c0

Patches

Patch: www.zyxel.com ↗Patch: www.zyxel.com ↗

🔴Vulnerability Details

CVEList

CVE-2022-45854: An improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6↗2023-02-07

▶

GHSA

GHSA-qm64-6g3m-3xmv: An improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6↗2023-02-07

▶