{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-03T00:08:07.444","vulnerabilities":[{"cve":{"id":"CVE-2025-49490","sourceIdentifier":"68630edc-a58c-4cbd-9b01-0e130455c8ae","published":"2025-07-01T10:15:31.597","lastModified":"2026-06-17T09:31:22.947","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Resource leak vulnerability in ASR180x in router allows Resource Leak Exposure.\n This vulnerability is associated with program files  router/sms/sms.c. \nThis issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536."},{"lang":"es","value":"Una vulnerabilidad de fuga de recursos en ASR180x del enrutador permite la exposición a fugas de recursos. Esta vulnerabilidad está asociada con los archivos de programa router/sms/sms.c. Este problema afecta a Falcon_Linux, Kestrel y Lapwing_Linux anteriores a la versión 1536."}],"affected":[{"source":"68630edc-a58c-4cbd-9b01-0e130455c8ae","affectedData":[{"vendor":"ASR","product":"Falcon_Linux、Kestrel、Lapwing_Linux","defaultStatus":"unaffected","modules":["router"],"platforms":["Linux"],"programFiles":["router/sms/sms.c"],"versions":[{"version":"0","lessThan":"v1536","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"68630edc-a58c-4cbd-9b01-0e130455c8ae","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-07-01T13:10:40.283747Z","id":"CVE-2025-49490","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"68630edc-a58c-4cbd-9b01-0e130455c8ae","type":"Secondary","description":[{"lang":"en","value":"CWE-404"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asrmicro:falcon_linux:*:*:*:*:*:*:*:*","versionEndExcluding":"1536","matchCriteriaId":"BBB3083A-577B-42D4-B939-5B18B70F45A7"},{"vulnerable":true,"criteria":"cpe:2.3:o:asrmicro:kestrel:*:*:*:*:*:*:*:*","versionEndExcluding":"1536","matchCriteriaId":"F6BAF32F-FF49-4DA4-98AE-22F18A1E81B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:asrmicro:lapwing_linux:*:*:*:*:*:*:*:*","versionEndExcluding":"1536","matchCriteriaId":"BDA5AEAD-3ED5-40C9-A069-5E0CFA07F252"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asrmicro:asr1803:-:*:*:*:*:*:*:*","matchCriteriaId":"5DCCB900-92E3-4060-B687-052F378AC304"},{"vulnerable":false,"criteria":"cpe:2.3:h:asrmicro:asr1806:-:*:*:*:*:*:*:*","matchCriteriaId":"A9465207-5C99-406B-824E-B735FEDAA22D"},{"vulnerable":false,"criteria":"cpe:2.3:h:asrmicro:asr1901:-:*:*:*:*:*:*:*","matchCriteriaId":"A4D3C8A7-2C61-4D2C-9BA9-381BE1D3FF51"},{"vulnerable":false,"criteria":"cpe:2.3:h:asrmicro:asr1903:-:*:*:*:*:*:*:*","matchCriteriaId":"1A8414CE-17FC-4F24-8434-4D4B80954624"}]}]}],"references":[{"url":"https://www.asrmicro.com/en/goods/psirt?cid=40","source":"68630edc-a58c-4cbd-9b01-0e130455c8ae","tags":["Vendor Advisory"]}]}}]}