Asr
Products
6- 6 CVEs
- 6 CVEs
- 4 CVEs
- 4 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
13| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42800 | Hig | 0.48 | 7.4 | 0.00 | Apr 30, 2026 | NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/sipuri.c. | ||
| CVE-2025-13735 | Hig | 0.48 | 7.4 | 0.00 | Nov 26, 2025 | Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR Lapwing_Linux on Linux (nr_fw modules). This vulnerability is associated with program files Code/nr_fw/DLP/src/NrCgi.C. This issue affects Lapwing_Linux: before 2025/11/26. | ||
| CVE-2025-59409 | 0.00 | — | 0.00 | Oct 2, 2025 | Flock Safety Falcon and Sparrow License Plate Readers OPM1.171019.026 ship with development Wi-Fi credentials (test_flck) stored in cleartext in production firmware. | |||
| CVE-2025-49483 | 0.00 | — | 0.00 | Jul 1, 2025 | Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr069_uci.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. | |||
| CVE-2025-49492 | 0.00 | — | 0.00 | Jul 1, 2025 | Out-of-bounds write in ASR180x in lte-telephony, May cause a buffer underrun. This vulnerability is associated with program files apps/atcmd_server/src/dev_api.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. | |||
| CVE-2025-49491 | 0.00 | — | 0.00 | Jul 1, 2025 | Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (traffic_stat modules) allows Resource Leak Exposure. This vulnerability is associated with program files traffic_stat/traffic_service/traffic_service.C. This issue… | |||
| CVE-2025-49490 | 0.00 | — | 0.00 | Jul 1, 2025 | Resource leak vulnerability in ASR180x in router allows Resource Leak Exposure. This vulnerability is associated with program files router/sms/sms.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536. | |||
| CVE-2025-49489 | 0.00 | — | 0.00 | Jul 1, 2025 | Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (con_mgr components) allows Resource Leak Exposure. This vulnerability is associated with program files con_mgr/dialer_task.C. This issue affects… | |||
| CVE-2024-32634 | 0.00 | — | 0.00 | Apr 16, 2024 | In huge memory get unmapped area check, code can never be reached because of a logical contradiction. | |||
| CVE-2023-49701 | 0.00 | — | 0.00 | Nov 30, 2023 | Memory Corruption in SIM management while USIMPhase2init | |||
| CVE-2023-49700 | 0.00 | — | 0.00 | Nov 30, 2023 | Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large. | |||
| CVE-2023-49699 | 0.00 | — | 0.00 | Nov 30, 2023 | Memory Corruption in IMS while calling VoLTE Streamingmedia Interface | |||
| CVE-2023-32547 | 0.00 | — | 0.00 | Aug 11, 2023 | Incorrect default permissions in the MAVinci Desktop Software for Intel(R) Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access. |
- risk 0.48cvss 7.4epss 0.00
NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/sipuri.c.
- risk 0.48cvss 7.4epss 0.00
Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR Lapwing_Linux on Linux (nr_fw modules). This vulnerability is associated with program files Code/nr_fw/DLP/src/NrCgi.C. This issue affects Lapwing_Linux: before 2025/11/26.
- CVE-2025-59409Oct 2, 2025risk 0.00cvss —epss 0.00
Flock Safety Falcon and Sparrow License Plate Readers OPM1.171019.026 ship with development Wi-Fi credentials (test_flck) stored in cleartext in production firmware.
- CVE-2025-49483Jul 1, 2025risk 0.00cvss —epss 0.00
Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr069_uci.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
- CVE-2025-49492Jul 1, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in ASR180x in lte-telephony, May cause a buffer underrun. This vulnerability is associated with program files apps/atcmd_server/src/dev_api.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
- CVE-2025-49491Jul 1, 2025risk 0.00cvss —epss 0.00
Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (traffic_stat modules) allows Resource Leak Exposure. This vulnerability is associated with program files traffic_stat/traffic_service/traffic_service.C. This issue…
- CVE-2025-49490Jul 1, 2025risk 0.00cvss —epss 0.00
Resource leak vulnerability in ASR180x in router allows Resource Leak Exposure. This vulnerability is associated with program files router/sms/sms.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.
- CVE-2025-49489Jul 1, 2025risk 0.00cvss —epss 0.00
Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (con_mgr components) allows Resource Leak Exposure. This vulnerability is associated with program files con_mgr/dialer_task.C. This issue affects…
- CVE-2024-32634Apr 16, 2024risk 0.00cvss —epss 0.00
In huge memory get unmapped area check, code can never be reached because of a logical contradiction.
- CVE-2023-49701Nov 30, 2023risk 0.00cvss —epss 0.00
Memory Corruption in SIM management while USIMPhase2init
- CVE-2023-49700Nov 30, 2023risk 0.00cvss —epss 0.00
Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large.
- CVE-2023-49699Nov 30, 2023risk 0.00cvss —epss 0.00
Memory Corruption in IMS while calling VoLTE Streamingmedia Interface
- CVE-2023-32547Aug 11, 2023risk 0.00cvss —epss 0.00
Incorrect default permissions in the MAVinci Desktop Software for Intel(R) Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access.