Stack Overflow Vulnerability in FW-WGS-804HPT Product by Unknown Vendor
CVE-2025-44898

9.8CRITICAL

Key Information:

Vendor: Unknown Vendor
Status: FW-WGS-804HPT
Vendor: CVE Published:; 20 May 2025

🔔 Create Unknown Vendor Vulnerability Alert

What is CVE-2025-44898?

The FW-WGS-804HPT v1.305b241111 is susceptible to a stack overflow vulnerability originating from the 'theauthName' parameter in the 'web_aaa_loginAuthlistEdit' function. This flaw can allow attackers to execute arbitrary code or cause a denial of service, leading to potential unauthorized access or system instability.

References

https://lafdrew.github.io/2025/04/18/web-aaa-loginAuthlis...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2025
Vulnerability Reserved
Apr 22, 2025