CVE-2025-49483

July 1, 2025, 12:15 p.m.

5.4
Medium

Description

Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr069_uci.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

Product(s) Impacted

Vendor Product Versions
Asr
  • Asr180x
  • Asr190x
  • *
  • *
Falcon
  • Falcon Linux
  • <1536
Kestrel
  • Kestrel
  • *
Lapwing
  • Lapwing Linux
  • <1536

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-404
Improper Resource Shutdown or Release
The product does not release or incorrectly releases a resource before it is made available for re-use.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a asr asr180x / / / / / / / /
a asr asr190x / / / / / / / /
o falcon falcon_linux <1536 / / / / / /
o kestrel kestrel / / / / / / / /
o lapwing lapwing_linux <1536 / / / / / /

References

https://www.asrmicro.com/en/goods/psirt?cid=40

Tags

CWE-404
2025-07-01
68630edc-a58c-4cbd-9b01-0e130455c8ae
CVE-2025-49483

CVSS Score

5.4 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: LOW
  • Integrity Impact: NONE
  • Availability Impact: LOW

    • CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

    View Vector String

Timeline

Published: July 1, 2025, 12:15 p.m.
Last Modified: July 1, 2025, 12:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

68630edc-a58c-4cbd-9b01-0e130455c8ae

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.