ASR — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting ASR. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Application Security Research (ASR) primarily delivers automated vulnerability scanning and risk assessment tools for enterprise software development lifecycles. With twenty-one recorded Common Vulnerabilities and Exposures, the platform has historically been susceptible to remote code execution and cross-site scripting flaws, often stemming from inadequate input validation in its web interface. Privilege escalation vulnerabilities have also been documented, allowing unauthorized users to bypass access controls within the administrative dashboard. These technical weaknesses suggest that while the core scanning engine remains robust, the surrounding management infrastructure requires stricter security hygiene. No major public data breaches have been widely reported, though the cumulative CVE count indicates persistent gaps in patch management and secure coding practices. Continuous monitoring of these specific vulnerability classes is essential for maintaining the integrity of the security assessment workflow and preventing potential exploitation by malicious actors targeting the administrative layer.

| CVE ID | Title | Affected products | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-42800 | Deference after null check in ims_client sip | Lapwing_Linux | CWE-476 | 7.4 | High | 2026-04-30 |
| CVE-2026-42799 | Out-of-bounds read in ulp | Kestrel | CWE-125 | 7.4 | High | 2026-04-30 |
| CVE-2025-13735 | Out-of-bounds Read in nr flc | Lapwing_Linux | CWE-125 | 7.4 | High | 2025-11-26 |
| CVE-2025-49483 | Resource leaks in tr069 | Falcon_Linux, Kestrel, Lapwing_Linux | CWE-404 | 5.4 | Medium | 2025-07-01 |
| CVE-2025-49482 | Resource leaks in tr069 | Falcon_Linux, Kestrel, Lapwing_Linux | CWE-404 | 5.4 | Medium | 2025-07-01 |
| CVE-2025-49481 | Resource leaks in router | Falcon_Linux, Kestrel, Lapwing_Linux | CWE-404 | 5.4 | Medium | 2025-07-01 |
| CVE-2025-49480 | Out-of-bounds access in lte-telephony | Falcon_Linux, Kestrel, Lapwing_Linux | CWE-125 | 7.4 | High | 2025-07-01 |
| CVE-2025-49488 | Resource leaks in router | Falcon_Linux, Kestrel, Lapwing_Linux | CWE-404 | 5.4 | Medium | 2025-07-01 |
| CVE-2025-49492 | Out-of-bounds write in lte-telephony | Falcon_Linux, Kestrel, Lapwing_Linux | CWE-787 | 7.4 | High | 2025-07-01 |
| CVE-2025-49491 | Resource leaks in traffic_stat | Falcon_Linux, Kestrel, Lapwing_Linux | CWE-404 | 5.4 | Medium | 2025-07-01 |
| CVE-2025-49490 | Resource leaks in router | Falcon_Linux, Kestrel, Lapwing_Linux | CWE-404 | 5.4 | Medium | 2025-07-01 |
| CVE-2025-49489 | Resource leaks in cm | Falcon_Linux, Kestrel, Lapwing_Linux | CWE-404 | 5.4 | Medium | 2025-07-01 |
| CVE-2025-5072 | Resource leaks in cm | Falcon_Linux, Kestrel, Lapwing_Linux | CWE-404 | 5.4 | Medium | 2025-07-01 |
| CVE-2024-32625 | Uninitialized scalar field | Falcon/Crane | CWE-457 | 5.8 | Medium | 2024-04-16 |
| CVE-2024-32634 | Logically dead code | Falcon | CWE-561 | 6.1 | Medium | 2024-04-16 |
| CVE-2024-32633 | Unsigned compared against 0 | Falcon/Crane | CWE-570 | 4.0 | Medium | 2024-04-16 |
| CVE-2024-32632 | Printf arg type mismatch in ATCMD | Falcon/Crane | CWE-686 | 6.6 | Medium | 2024-04-16 |
| CVE-2024-32631 | Out-of-bounds read in telephony | Falcon/Crane | CWE-125 | 7.2 | High | 2024-04-16 |
| CVE-2023-49701 | Out-of-bounds access a buffer in SIM management | Falcon | CWE-119 | 7.2 | High | 2023-11-30 |
| CVE-2023-49700 | Buffer Copy Without Checking size of input in IMS | Falcon | CWE-120 | 6.7 | Medium | 2023-11-30 |
| CVE-2023-49699 | Out-of-bounds access a buffer in IMS | Falcon | CWE-119 | 6.7 | Medium | 2023-11-30 |

This page lists every published CVE security advisory associated with ASR. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.