Security Center

NAVIGATOR

CVE ID	CVE-2025-5072
Title	Resource leaks in cm
Description	Resource leak vulnerability in ASR180x on Linux (con_mgr modules) allows Resource Leak Exposure.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
Technology Area	AP
Vulnerability Type	CWE-404 Resource leak
Security Rating	High
CVSS Rating	MEDIUM
CVSS Score	5.4
CVSS String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Chipsets	ASR1803L、ASR1806、ASR1901、ASR1903L

CVE ID	CVE-2025-49489
Title	Resource leaks in cm
Description	Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (con_mgr modules) allows Resource Leak Exposure. This vulnerability is associated with program files con_mgr/dialer_task.C.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
Technology Area	AP
Vulnerability Type	CWE-404 Resource leak
Security Rating	High
CVSS Rating	MEDIUM
CVSS Score	5.4
CVSS String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Chipsets	ASR1803L、ASR1806、ASR1901、ASR1903L

CVE ID	CVE-2025-49490
Title	Resource leaks in router
Description	Resource leak vulnerability in ASR180x in router allows Resource Leak Exposure. This vulnerability is associated with program files router/sms/sms.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
Technology Area	AP
Vulnerability Type	CWE-404 Resource leak
Security Rating	High
CVSS Rating	MEDIUM
CVSS Score	5.4
CVSS String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Chipsets	ASR1803L、ASR1806、ASR1901、ASR1903L

CVE ID	CVE-2025-49491
Title	Resource leaks in traffic_stat
Description	Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (traffic_stat modules) allows Resource Leak Exposure. This vulnerability is associated with program files traffic_stat/traffic_service/traffic_service.C.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
Technology Area	AP
Vulnerability Type	CWE-404 Improper Resource Shutdown or Release
Security Rating	High
CVSS Rating	MEDIUM
CVSS Score	5.4
CVSS String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Chipsets	ASR1803L、ASR1806、ASR1901、ASR1903L

CVE ID	CVE-2025-49492
Title	Out-of-bounds write in lte-telephony
Description	Out-of-bounds write in ASR180x in lte-telephony, May cause a buffer underrun. This vulnerability is associated with program files apps/atcmd_server/src/dev_api.C.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
Technology Area	AP
Vulnerability Type	CWE-787 Out-of-bounds Write
Security Rating	High
CVSS Rating	HIGH
CVSS Score	7.4
CVSS String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Affected Chipsets	ASR1803L、ASR1806、ASR1901、ASR1903L

Title	Resource leaks in router
Description	Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in router components allows Resource Leak Exposure. This vulnerability is associated with program files router/phonebook/pb.c.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
Technology Area	AP
Vulnerability Type	CWE-404 Improper Resource Shutdown or Release
Security Rating	High
CVSS Rating	MEDIUM
CVSS Score	5.4
CVSS String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Chipsets	ASR1803L、ASR1806、ASR1901、ASR1903L

CVE ID	CVE-2025-49480
Title	Out-of-bounds access in lte-telephony
Description	Out-of-bounds access in ASR180x 、ASR190x in lte-telephony, This vulnerability is associated with program files apps/lzma/src/LzmaEnc.C.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
Technology Area	AP
Vulnerability Type	CWE-125 Out-of-bounds Read
Security Rating	High
CVSS Rating	HIGH
CVSS Score	7.4
CVSS String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Affected Chipsets	ASR1803L、ASR1806、ASR1901、ASR1903L

CVE ID	CVE-2025-49481
Title	Resource leaks in router
Description	Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in router allows Resource Leak Exposure. This vulnerability is associated with program files router/phonebook/pbwork-queue.c.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
Technology Area	AP
Vulnerability Type	CWE-404 Improper Resource Shutdown or Release
Security Rating	High
CVSS Rating	MEDIUM
CVSS Score	5.4
CVSS String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Chipsets	ASR1803L、ASR1806、ASR1901、ASR1903L

CVE ID	CVE-2025-49482
Title	Resource leaks in tr069
Description	Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr098.c.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
Technology Area	AP
Vulnerability Type	CWE-404 Improper Resource Shutdown or Release
Security Rating	High
CVSS Rating	MEDIUM
CVSS Score	5.4
CVSS String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Chipsets	ASR1803L、ASR1806、ASR1901、ASR1903L

CVE ID	CVE-2025-49483
Title	Resource leaks in tr069
Description	Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr069_uci.c.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
Technology Area	AP
Vulnerability Type	CWE-404 Improper Resource Shutdown or Release
Security Rating	High
CVSS Rating	MEDIUM
CVSS Score	5.4
CVSS String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Chipsets	ASR1803L、ASR1806、ASR1901、ASR1903L

021-60336588

ASR WeChat

By Vthink

CVE ID	CVE-2023-24855
Title	Use of Out-of-range Pointer Offset in Modem
Description	Memory corruption in Modem while processing security related configuration before AS Security Exchange.
CVE ID	CVE-2023-24855
Title	Use of Out-of-range Pointer Offset in Modem
Description	Memory corruption in Modem while processing security related configuration before AS Security Exchange.
CVE ID	CVE-2023-24855
Title	Use of Out-of-range Pointer Offset in Modem
Description	Memory corruption in Modem while processing security related configuration before AS Security Exchange.
CVE ID	CVE-2023-24855
Title	Use of Out-of-range Pointer Offset in Modem
Description	Memory corruption in Modem while processing security related configuration before AS Security Exchange.
CVE ID	CVE-2023-24855
Title	Use of Out-of-range Pointer Offset in Modem
Description	Memory corruption in Modem while processing security related configuration before AS Security Exchange.
CVE ID	CVE-2023-24855
Title	Use of Out-of-range Pointer Offset in Modem
Description	Memory corruption in Modem while processing security related configuration before AS Security Exchange.
CVE ID	CVE-2023-24855
Title	Use of Out-of-range Pointer Offset in Modem
Description	Memory corruption in Modem while processing security related configuration before AS Security Exchange.