1535 matches found
PT-2026-3328
Name of the Vulnerable Software and Affected Versions Open5GS versions up to 2.7.6 Description A denial-of-service issue exists in Open5GS, specifically within the SGW-C Serving Gateway Control plane component. The issue resides in the handling of Create Session Response messages and affects the...
CVE-2023-50020
An issue was discovered in open5gs v2.6.6. SIGPIPE can be used to crash AMF...
CVE-2023-50019
An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of NudmUECMRegistration response...
CVE-2024-34235
Open5GS MME versions = 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial UE Message missing a required NASPDU field to repeatedly crash the MME, resulting in denial of service...
CVE-2025-1893
A vulnerability was found in Open5GS up to 2.7.2. It has been declared as problematic. Affected by this vulnerability is the function gmmstateauthentication of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. This...
CVE-2025-1925
A vulnerability classified as problematic was found in Open5GS up to 2.7.2. Affected by this vulnerability is the function amfnsmfpdusessionhandleupdatesmcontext of the file src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be launched...
CVE-2025-15419
A weakness has been identified in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c of the component GTPv2-C Flow Handler. Executing a manipulation can lead to denial of service. The attack needs to be launched locall...
CVE-2025-15418
A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function ogsgtp2parsebearerqos in the library lib/gtp/v2/types.c of the component Bearer QoS IE Length Handler. Performing a manipulation results in denial of service. The attack must be initiated fr...
CVE-2025-15417
A vulnerability was identified in Open5GS up to 2.7.6. Affected is the function sgwcs11handlecreatesessionrequest of the file src/sgwc/s11-handler.c of the component GTPv2-C F-TEID Handler. Such manipulation leads to denial of service. The attack must be carried out locally. The exploit is public...
CVE-2025-15419
A weakness has been identified in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c of the component GTPv2-C Flow Handler. Executing a manipulation can lead to denial of service. The attack needs to be launched locall...
CVE-2025-15419
A weakness has been identified in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c of the component GTPv2-C Flow Handler. Executing a manipulation can lead to denial of service. The attack needs to be launched locall...
CVE-2025-15418
A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function ogsgtp2parsebearerqos in the library lib/gtp/v2/types.c of the component Bearer QoS IE Length Handler. Performing a manipulation results in denial of service. The attack must be initiated fr...
CVE-2025-15418
A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function ogsgtp2parsebearerqos in the library lib/gtp/v2/types.c of the component Bearer QoS IE Length Handler. Performing a manipulation results in denial of service. The attack must be initiated fr...
CVE-2025-15419 Open5GS GTPv2-C Flow s5c-handler.c sgwc_s5c_handle_create_session_response denial of service
A weakness has been identified in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c of the component GTPv2-C Flow Handler. Executing a manipulation can lead to denial of service. The attack needs to be launched locall...
CVE-2025-15419
Open5GS up to version 2.7.6 is affected by a vulnerability in the GTPv2-C Flow Handler, specifically the function sgwc_s5c_handle_create_session_response in src/sgwc/s5c-handler.c. Manipulation can cause a local denial of service. The attack requires local access, and public exploits are availabl...
CVE-2025-15419 Open5GS GTPv2-C Flow s5c-handler.c sgwc_s5c_handle_create_session_response denial of service
A weakness has been identified in Open5GS up to 2.7.6. Affected by this issue is the function sgwcs5chandlecreatesessionresponse of the file src/sgwc/s5c-handler.c of the component GTPv2-C Flow Handler. Executing a manipulation can lead to denial of service. The attack needs to be launched locall...
PT-2026-1035
Name of the Vulnerable Software and Affected Versions Open5GS versions through 2.7.6 Description A weakness exists in Open5GS that can lead to a denial of service. The issue is related to the sgwc s5c handle create session response function within the src/sgwc/s5c-handler.c file of the GTPv2-C Fl...
Open5GS 安全漏洞
Open5GS is an Open5GS open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.6 and earlier, which stems from an incorrect operation of the function sgwcs5chandlecreatesessionresponse in the file...
Open5GS 安全漏洞
Open5GS is an Open5GS open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.6 and earlier, which stems from an incorrect operation of the function ogsgtp2parsebearerqos in the library file...
CVE-2025-15418 Open5GS Bearer QoS IE Length types.c ogs_gtp2_parse_bearer_qos denial of service
A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function ogsgtp2parsebearerqos in the library lib/gtp/v2/types.c of the component Bearer QoS IE Length Handler. Performing a manipulation results in denial of service. The attack must be initiated fr...