Improper Resource Management in ASR180x and ASR190x by ASR Micro
CVE-2025-49483

5.4MEDIUM

Key Information:

Vendor: Asr
Status: Falcon Linux、kestrel、lapwing Linux
Vendor: CVE Published:; 1 July 2025

What is CVE-2025-49483?

A vulnerability exists in ASR180x and ASR190x devices due to improper handling of resource shutdown or release in the TR069 modules. This flaw can lead to resource leaks that may compromise system performance and stability. Systems running Falcon_Linux, Kestrel, or Lapwing_Linux prior to version 1536 are particularly vulnerable. Developers and IT administrators should be aware of this issue and take measures to update their systems to mitigate potential risks.

Affected Version(s)

Falcon_Linux、Kestrel、Lapwing_Linux Linux 0

References

https://www.asrmicro.com/en/goods/psirt?cid=40

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 1, 2025
Vulnerability Reserved
Jun 5, 2025

Asr

What is CVE-2025-49483?

Affected Version(s)

References

CVSS V3.1

Timeline