Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
open5gs open5gs vulnerabilities and exploits
(subscribe to this query)
6.5
CVE-2022-3299
A vulnerability was found in Open5GS up to 2.4.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library lib/sbi/client.c of the component AMF. The manipulation leads to denial of service. The attack can be launched...
Open5gs Open5gs
1 Github repository available
8.8
CVSSv3
CVE-2021-25863
Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account....
Open5gs Open5gs 2.1.3
2 Github repositories available
7.5
CVE-2023-23846
Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol (GPTv1-U) messages, a protocol payload with any extension header length set to zero causes an infinite loop....
Open5gs Open5gs
Open5gs Open5gs 2.5.6
1 Github repository available
7.5
CVSSv3
CVE-2021-41794
ogs_fqdn_parse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted...
Open5gs Open5gs
7.5
CVSSv3
CVE-2021-44109
A buffer overflow in lib/sbi/message.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request....
Open5gs Open5gs
7.5
CVE-2022-39063
When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from incoming message, and then uses it to copy data from incoming message to struct...
Open5gs Open5gs
7.5
CVE-2022-3354
A vulnerability has been found in Open5GS up to 2.4.10 and classified as problematic. This vulnerability affects unknown code in the library lib/core/ogs-tlv-msg.c of the component UDP Packet Handler. The manipulation leads to denial of service. The exploit has been disclosed to...
Open5gs Open5gs
1 Github repository available
7.5
CVSSv3
CVE-2021-44081
A buffer overflow vulnerability exists in the AMF of open5gs 2.1.4. When the length of MSIN in Supi exceeds 24 characters, it leads to AMF denial of service....
Open5gs Open5gs 2.1.4
7.5
CVE-2022-43222
open5gs v2.4.11 was discovered to contain a memory leak in the component src/smf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet....
Open5gs Open5gs 2.4.11
1 Github repository available
7.5
CVSSv3
CVE-2021-44108
A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request to amf....
Open5gs Open5gs
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-45441
arbitrary
CVE-2022-31254
CVE-2023-0719
CVE-2023-25136
CVE-2023-0744
CVE-2022-0847
unspecified
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon