{ "id": "CVE-2022-45854", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-02-07T02:15:08.040", "lastModified": "2023-02-14T23:47:09.617", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6.50(ABTG.0)C0, which could allow a LAN attacker to cause a temporary denial-of-service (DoS) by sending crafted VLAN frames if the MAC address of the vulnerable AP were intercepted by the attacker." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 1.4 }, { "source": "security@zyxel.com.tw", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW" }, "exploitabilityScore": 1.6, "impactScore": 1.4 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-754" } ] }, { "source": "security@zyxel.com.tw", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-754" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "6.45\\(abtg.0\\)c0", "matchCriteriaId": "9C1EE7F4-380B-451D-9B93-C93779C8340E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "6.45\\(abtd.0\\)c0", "matchCriteriaId": "745DA605-AB65-48A3-B6D9-F36A6822B0A9" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "6.45\\(abtf.0\\)c0", "matchCriteriaId": "12B28C41-2BCA-49D3-8F64-FAA85E139F61" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "6.45\\(abte.0\\)c0", "matchCriteriaId": "43275ACF-7415-4637-8B01-113E78C429AF" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", "matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "6.45\\(abzd.0\\)c0", "matchCriteriaId": "F2F57D71-C95B-448A-8741-56CA6456508A" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "6.45\\(abrm.0\\)c0", "matchCriteriaId": "03F7731E-FAB0-4DC4-8009-C7936B623C85" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", "matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB" } ] } ] } ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-dos-vulnerability-of-aps", "source": "security@zyxel.com.tw", "tags": [ "Patch", "Vendor Advisory" ] } ] }