Skip to main content

Asr1806 Firmware

8 CVEs product

Monthly

CVE-2024-32634 MEDIUM This Month

In huge memory get unmapped area check, code can never be reached because of a logical contradiction. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Asr3603 Firmware Asr1607 Firmware Asr1803Sc Firmware Asr3602 Firmware +9
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-32633 MEDIUM This Month

An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Asr1803Sc Firmware Asr1607 Firmware Asr3603 Firmware Asr3602 Firmware +9
NVD
CVSS 3.1
4.0
EPSS
0.2%
CVE-2024-32632 MEDIUM This Month

A value in ATCMD will be misinterpreted by printf, causing incorrect output and possibly out-of-bounds memory access. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Asr1803Sc Firmware Asr1607 Firmware Asr3603 Firmware Asr1806 Firmware +9
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2024-32631 HIGH This Week

Out-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Information Disclosure Asr3602 Firmware Asr3605 Firmware Asr3607 Firmware +10
NVD
CVSS 3.1
8.0
EPSS
0.3%
CVE-2024-32625 MEDIUM This Month

In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Asr1806 Firmware Asr1803 Firmware Asr1606 Firmware Asr1603 Firmware +9
NVD
CVSS 3.1
5.8
EPSS
0.4%
CVE-2023-49701 CRITICAL Act Now

Memory Corruption in SIM management while USIMPhase2init. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Asr1803 Firmware Asr1806 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-49700 HIGH This Week

Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Asr1803 Firmware Asr1806 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-49699 HIGH This Week

Memory Corruption in IMS while calling VoLTE Streamingmedia Interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Asr1806 Firmware Asr1803 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
EPSS 0% CVSS 6.1
MEDIUM This Month

In huge memory get unmapped area check, code can never be reached because of a logical contradiction. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Asr3603 Firmware Asr1607 Firmware +11
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Asr1803Sc Firmware Asr1607 Firmware +11
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

A value in ATCMD will be misinterpreted by printf, causing incorrect output and possibly out-of-bounds memory access. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Asr1803Sc Firmware Asr1607 Firmware +11
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Out-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Information Disclosure Asr3602 Firmware +12
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Asr1806 Firmware Asr1803 Firmware +11
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory Corruption in SIM management while USIMPhase2init. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Asr1803 Firmware Asr1806 Firmware
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Asr1803 Firmware Asr1806 Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory Corruption in IMS while calling VoLTE Streamingmedia Interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Asr1806 Firmware Asr1803 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy