PT-2026-8283

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.7 Description A flaw exists in Open5GS up to version 2.7.6 related to the sgwc s5c handle create session response function within the SGW-C component. A manipulation can lead to memory corruption and may be...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the function...

EUVD-2025-206295

A vulnerability was found in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been made public a...

CVE-2025-15529 Open5GS s5c-handler.c sgwc_s5c_handle_create_session_response denial of service

A vulnerability was found in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been made public a...

CVE-2025-15529 Open5GS s5c-handler.c sgwc_s5c_handle_create_session_response denial of service

A vulnerability was found in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been made public a...

CVE-2025-15529

Open5GS up to 2.7.6 is affected. The vulnerability lies in the sgwc_s5c_handle_create_session_response function in src/sgwc/s5c-handler.c; manipulation can cause a denial of service. Remote exploitation is possible and the exploit has been publicly released. A patch exists named b19cf6a2dbf5d3081...

Open5GS security vulnerabilities

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from the operation in the function sgwcs5chandlecreatesessionresponse...

CVE-2025-15419

A weakness has been identified in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c of the component GTPv2-C Flow Handler. Executing a manipulation can lead to denial of service. The attack needs to be launched locall...

CVE-2025-15419

Open5GS up to version 2.7.6 is affected by a vulnerability in the GTPv2-C Flow Handler, specifically the function sgwc_s5c_handle_create_session_response in src/sgwc/s5c-handler.c. Manipulation can cause a local denial of service. The attack requires local access, and public exploits are availabl...

CVE-2025-15419 Open5GS GTPv2-C Flow s5c-handler.c sgwc_s5c_handle_create_session_response denial of service

A weakness has been identified in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c of the component GTPv2-C Flow Handler. Executing a manipulation can lead to denial of service. The attack needs to be launched locall...

CVE-2025-15417

A vulnerability was identified in Open5GS up to 2.7.6. Affected is the function sgwcs11handlecreatesessionrequest of the file src/sgwc/s11-handler.c of the component GTPv2-C F-TEID Handler. Such manipulation leads to denial of service. The attack must be carried out locally. The exploit is public...

CVE-2025-15417 Open5GS GTPv2-C F-TEID s11-handler.c sgwc_s11_handle_create_session_request denial of service

A vulnerability was identified in Open5GS up to 2.7.6. Affected is the function sgwcs11handlecreatesessionrequest of the file src/sgwc/s11-handler.c of the component GTPv2-C F-TEID Handler. Such manipulation leads to denial of service. The attack must be carried out locally. The exploit is public...

EUVD-2006-5318

Malware in sbrugna...

EUVD-2012-0566

Malware in sbrugna...

CVE-2025-52322

An issue in Open5GS v2.7.2 and before allows a remote attacker to cause a denial of service via a crafted Create Session Request message to the SMF PGW-C, using the IP address of a legitimate UE in the PDN Address Allocation PAA field...

CVE-2025-52322

An issue in Open5GS v2.7.2 and before allows a remote attacker to cause a denial of service via a crafted Create Session Request message to the SMF PGW-C, using the IP address of a legitimate UE in the PDN Address Allocation PAA field...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Create Session Request process when a crafted message is sent to the SMF PGW-C containing the IP address of a legitimate UE in the PAA field. An attacker can hijack session...

CVE-2025-52322

An issue in Open5GS v2.7.2 and before allows a remote attacker to cause a denial of service via a crafted Create Session Request message to the SMF PGW-C, using the IP address of a legitimate UE in the PDN Address Allocation PAA field...

CVE-2025-52322

Open5GS vulnerability CVE-2025-52322 affects Open5GS v2.7.2 and earlier. A remote attacker can cause denial of service by sending a crafted Create Session Request to the SMF (PGW-C) that reuses the IP address of a legitimate UE in the PDN Address Allocation (PAA) field. Root cause: improper handl...

CVE-2025-52322

An issue in Open5GS v2.7.2 and before allows a remote attacker to cause a denial of service via a crafted Create Session Request message to the SMF PGW-C, using the IP address of a legitimate UE in the PDN Address Allocation PAA field...