Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open5gs open5gs vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-44108
A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and previous versions allows remote malicious users to Denial of Service via a crafted sbi request to amf.
Open5gs Open5gs
5
CVSSv2
CVE-2021-44109
A buffer overflow in lib/sbi/message.c in Open5GS 2.3.6 and previous versions allows remote malicious users to Denial of Service via a crafted sbi request.
Open5gs Open5gs
NA
CVE-2022-40890
A vulnerability in /src/amf/amf-context.c in Open5GS 2.4.10 and previous versions leads to AMF denial of service.
Open5gs Open5gs
1 Github repository
5
CVSSv2
CVE-2021-45462
In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF.
Open5gs Open5gs 2.4.0
NA
CVE-2022-43221
open5gs v2.4.11 exists to contain a memory leak in the component src/upf/pfcp-path.c. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted PFCP packet.
Open5gs Open5gs 2.4.11
NA
CVE-2022-43222
open5gs v2.4.11 exists to contain a memory leak in the component src/smf/pfcp-path.c. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted PFCP packet.
Open5gs Open5gs 2.4.11
NA
CVE-2022-43223
open5gs v2.4.11 exists to contain a memory leak in the component ngap-handler.c. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted UE attachment.
Open5gs Open5gs 2.4.11
NA
CVE-2023-50019
An issue exists in open5gs v2.6.6. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of Nudm_UECM_Registration response.
Open5gs Open5gs 2.6.6
NA
CVE-2023-50020
An issue exists in open5gs v2.6.6. SIGPIPE can be used to crash AMF.
Open5gs Open5gs 2.6.6
8.3
CVSSv2
CVE-2021-25863
Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account.
Open5gs Open5gs 2.1.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »