90 matches found
EUVD-2026-19241
A vulnerability was identified in Free5GC 4.2.0. This affects an unknown function of the component NGSetupRequest Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit is publicly available and might be used...
CVE-2026-5661
A vulnerability was identified in Free5GC 4.2.0. This affects an unknown function of the component NGSetupRequest Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit is publicly available and might be used...
CVE-2026-5661 Free5GC NGSetupRequest denial of service
A vulnerability was identified in Free5GC 4.2.0. This affects an unknown function of the component NGSetupRequest Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit is publicly available and might be used...
CVE-2026-5661
The CVE-2026-5661 affects Free5GC 4.2.0, specifically the NGSetupRequest Handler. The vulnerability allows denial of service via remote manipulation of the NGSetupRequest function. The attack can be launched remotely, and a public exploit is available. No remediation details are provided in the s...
free5GC 安全漏洞
free5GC is an open-source project for the 5th generation 5G mobile core network. Version 4.2.0 of free5GC contains a security vulnerability, which stems from issues with the NGSetupRequest Handler component and could lead to denial-of-service attacks...
PT-2026-30605
A vulnerability was identified in Free5GC 4.2.0. This affects an unknown function of the component NGSetupRequest Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit is publicly available and might be used...
Expected Behavior Violation
Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the PFCP Association Setup Request process. An attacker can cause service disruption and trigger reconnection loops by sending a malformed request that is incorrectly accepted, resulting in an inconsisten...
CVE-2025-69232
CVE-2025-69232 affects free5GC go-upf up to version 1.2.6 and free5gc smf up to 1.4.0. It is an Improper Input Validation and Protocol Compliance vulnerability that can cause Denial of Service: a remote attacker sends a malformed PFCP Association Setup Request, which UPF accepts and enters an inc...
CVE-2025-69232 free5GC hasProtocol Compliance Violation in UPF Leading to SMF Service Disruption
free5GC is an open-source project for 5th generation 5G mobile core networks. free5GC go-upf versions up to and including 1.2.6, corresponding to free5gc smf up to and including 1.4.0, have an Improper Input Validation and Protocol Compliance vulnerability leading to Denial of Service. Remote...
CVE-2025-65563
A denial-of-service vulnerability exists in the omec-project UPF component upf-epc/pfcpiface up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler...
CVE-2025-65563
A denial-of-service vulnerability exists in the omec-project UPF component upf-epc/pfcpiface up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler...
CVE-2025-65563
CVE-2025-65563 affects omec-project UPF (upf-epc/pfcpiface). A NULL pointer dereference occurs in the association setup handler when a PFCP Association Setup Request omits the mandatory NodeID Information Element, causing a panic and UPF process termination. An attacker able to send PFCP Associat...
EUVD-2025-50810
In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in denial of service...
CVE-2025-63288
In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in denial of service...
CVE-2025-63288
In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in denial of service...
CVE-2025-63288
In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in denial of service...
CVE-2025-63288
CVE-2025-63288 affects Open5GS 2.7.6, where the AMF crashes upon receiving an abnormal NGSetupRequest, causing a denial of service. The available documents consistently describe the vulnerable component as the AMF within Open5GS and attribute the issue to processing of abnormal NGSetupRequest mes...
PT-2025-46186
Name of the Vulnerable Software and Affected Versions Open5GS version 2.7.6 Description The software may experience a denial of service when receiving an abnormal NGSetupRequest message, causing the AMF component to crash. Recommendations At the moment, there is no information about a newer versi...
CVE-2025-63288
In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in denial of service...
EUVD-2020-27249
Malware in sbrugna...