Denial-of-Service Vulnerability in Zyxel NWA110AX Firmware
CVE-2022-45854

3.1LOW

Key Information:

Vendor: Zyxel
Status: Nwa110ax Firmware
Vendor: CVE Published:; 7 February 2023

What is CVE-2022-45854?

The Zyxel NWA110AX firmware, prior to version 6.50(ABTG.0)C0, contains an implementation flaw that permits a local area network (LAN) attacker to initiate a temporary denial of service (DoS) attack. By sending specially crafted VLAN frames upon intercepting the MAC address of the affected access point, an adversary can disrupt the service, rendering the network inoperable. This vulnerability highlights the need for timely updates to firmware to safeguard against potential exploits.

Affected Version(s)

NWA110AX firmware < 6.50(ABTG.0)C0

References

https://www.zyxel.com/global/en/support/security-advisori...

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 7, 2023
Vulnerability Reserved
Nov 23, 2022