CVE-2025-13735

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR Lapwing_Linux on Linux (nr_fw modules). This vulnerability is associated with program files Code/nr_fw/DLP/src/NrCgi.C. This issue affects Lapwing_Linux: before 2025/11/26.

CVSS v3 7.4 HIGH

7.4^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.1 / Impact : 3.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://www.asrmicro.com/en/goods/psirt?cid=41

Configurations

No configuration.

History

01 Dec 2025, 15:39

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de lectura fuera de límites en ASR1903 y ASR3901 en ASR Lapwing_Linux en Linux (módulos nr_fw). Esta vulnerabilidad está asociada con los archivos de programa Code/nr_fw/DLP/src/NrCgi.C. Este problema afecta a Lapwing_Linux: antes del 26/11/2025.

26 Nov 2025, 07:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-11-26 07:16

Updated : 2025-12-01 15:39

NVD link : CVE-2025-13735

Mitre link : CVE-2025-13735

CVE.ORG link : CVE-2025-13735

JSON object : View

Products Affected

No product.

CWE

CWE-125

Out-of-bounds Read

7.4 /10