Stack Overflow Issue in FW-WGS-804HPT Web ACL Management by Vendor
CVE-2025-44886

9.8CRITICAL

Key Information:

Vendor: Vendor
Status: FW-WGS-804HPT
Vendor: CVE Published:; 20 May 2025

What is CVE-2025-44886?

The FW-WGS-804HPT v1.305b241111 has been identified to have a stack overflow vulnerability in its web_acl_mgmt_Rules_Edit_postcontains function, triggered by the byruleEditName parameter. This vulnerability could potentially allow attackers to exploit the stack overflow condition, leading to unauthorized actions or service interruption.

References

https://lafdrew.github.io/2025/04/20/web-acl-mgmt-Rules-E...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2025
Vulnerability Reserved
Apr 22, 2025