Denial of Service Vulnerability in ZyXEL P-660HW v3 Devices
CVE-2017-17901

7.5HIGH

Key Information:

Vendor: Zyxel
Status: P-660hw Firmware
Vendor: CVE Published:; 29 December 2017

What is CVE-2017-17901?

ZyXEL P-660HW v3 devices are susceptible to a denial of service attack, where remote attackers can induce excessive CPU consumption. This is achieved by flooding the target device with IP packets that have a Time to Live (TTL) value of 1, overwhelming the device's processing capabilities, and potentially leading to service interruptions. For users of this device, it is critical to implement appropriate security measures to mitigate exposure to such attacks.

References

https://www.zyxel.com/support/announcement_denial_of_serv...

x_refsource_CONFIRM

http://packetstormsecurity.com/files/145548/ZyXEL-P-660HW...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 29, 2017
Vulnerability Reserved
Dec 24, 2017

Zyxel

What is CVE-2017-17901?

References

CVSS V3.1

Timeline