CVE-2025-49488

Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in router components allows Resource Leak Exposure. This vulnerability is associated with program files router/phonebook/pb.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.asrmicro.com/en/goods/psirt?cid=40

Configurations

No configuration.

History

03 Jul 2025, 15:14

Type	Values Removed	Values Added
Summary		(es) La vulnerabilidad de apagado o liberación incorrecta de recursos en ASR180x y ASR190x en componentes del enrutador permite la exposición a fugas de recursos. Esta vulnerabilidad está asociada a los archivos de programa router/phonebook/pb.c. Este problema afecta a Falcon_Linux, Kestrel y Lapwing_Linux anteriores a la versión 1536.

01 Jul 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-01 11:15

Updated : 2025-07-03 15:14

NVD link : CVE-2025-49488

Mitre link : CVE-2025-49488

CVE.ORG link : CVE-2025-49488

JSON object : View

Products Affected

No product.

CWE

CWE-404

Improper Resource Shutdown or Release

5.4 /10