Anything that's a misuse or uses a networking protocol in ways it wasn't intended to be used can be considered a threat.

Common examples

NTP attack

An attacker can spoof a source IP and submit a type of ntpdc query called monlist. This generates a lot of output and can effectively DoS the target server (spoofed source IP).

DHCP attack

Hacker can send malformed packets to try to break, gain access, or shut down the DHCP server.

cite: CompTIA Network+