CVE-2019-15910

HIGH

ASUS HG100 MW100 WS-101 TS-101 AS-101 MS-101 DL-101 Firmware - Denial of Service via ZigBee Network Discovery

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-15910. PoCs published by chengcheng227.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2019-15910, a DoS vulnerability in ASUS ZigBee devices. It explains the attack mechanism involving beacon request spoofing to trigger PAN ID conflicts, disrupting network communication.

Description

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack.

Exploits (1)

github WRITEUP 9 stars
by chengcheng227 · poc
https://github.com/chengcheng227/CVE-POC/tree/master/CVE-2019-15910.md

This repository provides a detailed technical analysis of CVE-2019-15910, a DoS vulnerability in ASUS ZigBee devices. It explains the attack mechanism involving beacon request spoofing to trigger PAN ID conflicts, disrupting network communication.

Classification
Writeup 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 (ZigBee PRO)
No auth needed
Prerequisites: Atmel RZ Raven USB sticks · KillerBee · Zigdiggity · Wireshark
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 7.5
EPSS 0.0132
EPSS Percentile 67.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (7)
asus/as-101_firmware
asus/dl-101_firmware
asus/hg100_firmware
asus/ms-101_firmware
asus/mw100_firmware
asus/ts-101_firmware
asus/ws-101_firmware
Published Dec 20, 2019
Tracked Since Feb 18, 2026