Stack Overflow Vulnerability in FW-WGS-804HPT Product by Vendor
CVE-2025-44883

9.8CRITICAL

Key Information:

Vendor: Vendor
Status: FW-WGS-804HPT
Vendor: CVE Published:; 20 May 2025

What is CVE-2025-44883?

A stack overflow vulnerability has been detected in the FW-WGS-804HPT product, specifically through the tacIp parameter in the web_tacplus_serverEdit_post function. This flaw allows for potential exploitation, which could impact the integrity and availability of the application's functionality. It is crucial for users to assess their systems for this vulnerability and apply any necessary patches or mitigations promptly.

References

https://lafdrew.github.io/2025/04/20/web-tacplus-serverEd...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2025
Vulnerability Reserved
Apr 22, 2025