CVE-2026-7287
Zyxel · NWA1100-N
Multiple functions in the Zyxel NWA1100-N firmware contain a buffer overflow vulnerability, potentially allowing remote attackers to trigger a denial-of-service.
Executive summary
A buffer overflow vulnerability in the Zyxel NWA1100-N firmware poses a risk of remote denial-of-service, though the product is currently end-of-life.
Vulnerability
This is a classic buffer overflow (CWE-120) located in the "webs" binary, specifically within the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert() functions. The vulnerability is remotely exploitable by an unauthenticated attacker.
Business impact
The CVSS score of 7.5 highlights a high risk to availability. Because the device is an infrastructure component, a successful crash or service interruption could disrupt network connectivity for all users reliant on the NWA1100-N access point.
Remediation
Immediate Action: Since this device is end-of-life, the only effective remediation is to replace the affected hardware with a currently supported model.
Proactive Monitoring: Monitor for unusual traffic patterns or unexpected device reboots that may indicate exploitation attempts.
Compensating Controls: Place the device behind a robust firewall and restrict management interface access to a dedicated, isolated management VLAN.
Exploitation status
Public Exploit Available: No (no confirmed public exploit in available data)
Analyst recommendation
Because Zyxel NWA1100-N is no longer receiving security support, remediation cannot rely on patching. Organizations still utilizing this hardware should plan for immediate decommissioning and replacement with supported equipment to eliminate this persistent security risk.