Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open5gs open5gs vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-41794
ogs_fqdn_parse in Open5GS 1.0.0 up to and including 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is ...
Open5gs Open5gs
9.8
CVSSv3
CVE-2021-28122
A request-validation issue exists in Open5GS 2.1.3 up to and including 2.2.x prior to 2.2.1. The WebUI component allows an unauthenticated user to use a crafted HTTP API request to create, read, update, or delete entries in the subscriber database. For example, new administrative...
Open5gs Open5gs
7.5
CVSSv3
CVE-2022-39063
When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from incoming message, and then uses it to copy data from incoming message to struct ...
Open5gs Open5gs
8.8
CVSSv3
CVE-2021-25863
Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account.
Open5gs Open5gs 2.1.3
7.5
CVSSv3
CVE-2022-43222
open5gs v2.4.11 exists to contain a memory leak in the component src/smf/pfcp-path.c. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted PFCP packet.
Open5gs Open5gs 2.4.11
7.5
CVSSv3
CVE-2021-45462
In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF.
Open5gs Open5gs 2.4.0
7.5
CVSSv3
CVE-2022-43221
open5gs v2.4.11 exists to contain a memory leak in the component src/upf/pfcp-path.c. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted PFCP packet.
Open5gs Open5gs 2.4.11
7.5
CVSSv3
CVE-2022-43223
open5gs v2.4.11 exists to contain a memory leak in the component ngap-handler.c. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted UE attachment.
Open5gs Open5gs 2.4.11
7.5
CVSSv3
CVE-2021-44081
A buffer overflow vulnerability exists in the AMF of open5gs 2.1.4. When the length of MSIN in Supi exceeds 24 characters, it leads to AMF denial of service.
Open5gs Open5gs 2.1.4
5.9
CVSSv3
CVE-2023-50019
An issue exists in open5gs v2.6.6. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of Nudm_UECM_Registration response.
Open5gs Open5gs 2.6.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »