CVE-2025-44887 is a critical stack overflow vulnerability identified in the FW-WGS-804HPT device, specifically in version v1.305b241111. The vulnerability arises from improper handling of the 'radIpkey' parameter within the 'web_radiusSrv_post' function. A stack overflow occurs when data exceeds the buffer's boundary on the call stack, potentially allowing an attacker to overwrite adjacent memory, leading to arbitrary code execution, system crashes, or denial of service. This vulnerability is classified under CWE-121 (Stack-based Buffer Overflow), indicating a classic memory corruption issue. The CVSS v3.1 base score is 9.8, reflecting its critical severity, with attack vector network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality (C:H), integrity (I:H), and availability (A:H). Exploitation does not require authentication or user interaction, making it highly accessible to remote attackers. Although no known exploits are currently reported in the wild, the vulnerability's characteristics suggest that exploitation could lead to full system compromise, including remote code execution and persistent control over the affected device. The lack of vendor or product information beyond the device model limits precise identification of the vendor, but the device model FW-WGS-804HPT suggests a network appliance, possibly a firewall or gateway device, which often plays a critical role in network security infrastructure. The absence of patch links indicates that a fix may not yet be publicly available, increasing the urgency for mitigation and monitoring.

For European organizations, the impact of CVE-2025-44887 could be severe, especially for those relying on the FW-WGS-804HPT device or similar network appliances in their infrastructure. Successful exploitation could allow attackers to execute arbitrary code remotely, leading to full compromise of the device. This can result in unauthorized access to internal networks, interception or manipulation of sensitive data, disruption of network services, and potential lateral movement to other critical systems. Given the device's likely role in perimeter defense or network segmentation, its compromise undermines the organization's overall security posture. Confidentiality breaches could expose personal data protected under GDPR, leading to regulatory penalties and reputational damage. Integrity and availability impacts could disrupt business operations, cause data loss, and affect service continuity. The vulnerability's network accessibility and lack of required authentication make it a prime target for automated scanning and exploitation attempts, increasing risk for organizations with exposed management interfaces or insufficient network segmentation.

Organizations should immediately identify any deployment of the FW-WGS-804HPT device, particularly version v1.305b241111, within their networks. In the absence of an official patch, apply the following mitigations: 1) Restrict network access to the device's management interfaces by implementing strict firewall rules and access control lists, limiting connections to trusted administrative hosts. 2) Disable or restrict the use of the vulnerable 'web_radiusSrv_post' functionality if possible, or any related web management services that process the 'radIpkey' parameter. 3) Monitor network traffic for unusual or malformed requests targeting the device, especially those attempting to exploit the 'radIpkey' parameter. 4) Employ intrusion detection/prevention systems (IDS/IPS) with updated signatures to detect exploitation attempts. 5) Maintain rigorous network segmentation to isolate critical devices and limit potential lateral movement. 6) Engage with the device vendor or supplier to obtain security advisories and patches as soon as they become available. 7) Prepare incident response plans to quickly address any signs of compromise. 8) Conduct regular vulnerability assessments and penetration testing focusing on network appliances to proactively identify similar risks.