1. Home
  2. CVE Database
  3. CVE-2026-42800
HIGH · 7.4

CVE-2026-42800

NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/si...

Vulnerability Description

NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/sipuri.c.

CVSS Score

7.4

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
AsrmicroAsr1901 Firmware< 1.225.003
AsrmicroAsr1901-
AsrmicroAsr1903 Firmware< 1.225.003
AsrmicroAsr1903-

Related Weaknesses (CWE)

CWE-476

References

FAQ

What is CVE-2026-42800?

CVE-2026-42800 is a vulnerability with a CVSS score of 7.4 (HIGH). NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/si...

How severe is CVE-2026-42800?

CVE-2026-42800 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-42800?

Check the references section above for vendor advisories and patch information. Affected products include: Asrmicro Asr1901 Firmware, Asrmicro Asr1901, Asrmicro Asr1903 Firmware, Asrmicro Asr1903.