Lucene search
K

36 matches found

Github Security Blog
Github Security Blog
added 2026/05/08 10:44 p.m.10 views

free5GC's NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri)

Summary free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNotifier.FlushNotifications, the notifier calls NnefPFDmanagementNotify... and on any delivery error invokes logger.PFDManageLog.Fatalerr, which is os.Exit1-equivalent in Go...

7.5CVSS5.8AI score0.00404EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/05/08 10:39 p.m.4 views

GHSA-5F62-53R8-QRQF free5GC's NEF 3gpp-pfd-management API is unauthenticated; forged bearer tokens can create, read, and delete PFD transactions

Summary free5GC's NEF mounts the 3gpp-pfd-management API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, and delete PFD-management transaction state with a forged or arbitrary bearer token e.g. Authorization: Bearer...

9.4CVSS6AI score0.00314EPSS
Exploits1References5
Snyk
Snyk
added 2026/05/08 10:39 p.m.8 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the 3gpp-pfd-management API. An attacker can create, read, and delete transaction state by sending requests with forged or arbitrary bearer tokens, even if the service is not declared in the configuration...

9.4CVSS5.9AI score0.00314EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/08 10:39 p.m.11 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the 3gpp-pfd-management API. An attacker can create, read, and delete transaction state by sending requests with forged or arbitrary bearer tokens, even if the service is not declared in the configuration...

9.4CVSS5.9AI score0.00314EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-39249

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The Network Exposure Function NEF in free5GC terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. This occurs within the PfdChangeNotifier.FlushNotifications...

7.5CVSS5.8AI score0.00404EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-39245

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The Network Exposure Function NEF in free5GC mounts the '3gpp-pfd-management' API without inbound OAuth2 or bearer-token authorization. A network attacker with access to the Service Based Interface S...

9.4CVSS5.9AI score0.00314EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.16 views

PT-2026-39260

Name of the Vulnerable Software and Affected Versions free5GC version 4.2.1 Description The Network Exposure Function NEF mounts the nnef-pfdmanagement route group without inbound OAuth2 or bearer-token authorization. This allows a network attacker with access to the Service-Based Interface SBI t...

10CVSS5.9AI score0.00287EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/02/24 11:3 p.m.7 views

CVE-2025-69208

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. Versions prior to 1.4.1 contain an Improper Error Handling vulnerability with Information Exposure. All deployments of free5GC using the NnefPfdManagement service may be...

6.9CVSS5.5AI score0.00269EPSS
Exploits1References1
Snyk
Snyk
added 2026/02/24 3:27 a.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the NnefPfdManagement process. An attacker can obtain internal parsing error details by sending malformed requests to the NEF component, which may assist in service fingerprinting. Remediation Upgrade...

8.7CVSS6AI score0.00348EPSS
Exploits1References2
EUVD
EUVD
added 2026/02/24 12:21 a.m.8 views

EUVD-2026-7462

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the NEF component reliably leaks internal parsing error details e.g., invalid character 'n' after top-level value to remote clients...

8.7CVSS5.4AI score0.00275EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/24 12:21 a.m.7 views

CVE-2026-27643

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the NEF component reliably leaks internal parsing error details e.g., invalid character 'n' after top-level value to remote clients...

8.7CVSS5.4AI score0.00275EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/24 12:21 a.m.5 views

CVE-2026-27643 free5GC has improper error handling in NEF with information exposure

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the NEF component reliably leaks internal parsing error details e.g., invalid character 'n' after top-level value to remote clients...

8.7CVSS5.4AI score0.00275EPSS
Exploits1References4
EUVD
EUVD
added 2026/02/24 12:1 a.m.6 views

EUVD-2025-207565

free5GC is an open-source project for 5th generation 5G mobile core networks. Versions up to and including 1.4.1 of the User Data Repository are affected by Improper Error Handling with Information Exposure. The NEF component reliably leaks internal parsing error details e.g., invalid character '...

8.7CVSS5.4AI score0.00348EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.8 views

PT-2026-21593

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.1, the NEF component reliably leaks internal parsing error details e.g., invalid character 'n' after top-level value to remote clients...

8.7CVSS5.4AI score0.00275EPSS
Exploits1References5
CVE
CVE
added 2026/02/23 9:18 p.m.18 views

CVE-2025-69208

The CVE concerns free5GC UDR (UDR component of the free5GC project) with an Improper Error Handling vulnerability in Nnef_PfdManagement GET, leaking internal parsing errors to clients. Affected: free5GC versions prior to 1.4.1; impact is information exposure with potential fingerprinting. Version...

6.9CVSS5.5AI score0.00269EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/23 9:18 p.m.4 views

CVE-2025-69208 free5GC UDR's NEF incorrectly returns 500 for missing PFD data (UDR 404) in Nnef_PfdManagement GET request

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. Versions prior to 1.4.1 contain an Improper Error Handling vulnerability with Information Exposure. All deployments of free5GC using the NnefPfdManagement service may be...

6.9CVSS5.5AI score0.00269EPSS
Exploits1References4
Rows per page
Query Builder