CVE-2025-49483
Analyzed
Analyzed - Analysis Complete
BaseFortify
Publication date: 2025-07-01
Last updated on: 2026-01-12
Assigner: ASR Microelectronics Co., Ltd.
Description
Description
Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr069_uci.c.
This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| asrmicro | falcon_linux | to 1536 (exc) |
| asrmicro | kestrel | to 1536 (exc) |
| asrmicro | lapwing_linux | to 1536 (exc) |
| asrmicro | asr1803 | * |
| asrmicro | asr1806 | * |
| asrmicro | asr1901 | * |
| asrmicro | asr1903 | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Improper Resource Shutdown or Release issue found in the tr069 modules of ASR180x and ASR190x devices. It causes a resource leak exposure due to improper handling in the program files tr069/tr069_uci.c.
How can this vulnerability impact me? :
The vulnerability can lead to resource leaks, which may degrade system performance or availability over time. It has a CVSS base score of 5.4, indicating a medium severity impact, potentially causing limited confidentiality loss and availability issues.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70