Lucene search
K

87 matches found

OSV
OSV
added 2025/04/22 12:0 a.m.3 views

CVE-2025-29339

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF or via direct attack, triggerin...

7.5CVSS7.1AI score0.00362EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/04/22 12:0 a.m.3 views

CVE-2025-29339

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF or via direct attack, triggerin...

7.5AI score0.00362EPSS
Exploits1References1
CVE
CVE
added 2025/04/22 12:0 a.m.56 views

CVE-2025-29339

Open5GS UPF (up to v2.7.2) is affected by CVE-2025-29339. An assertion failure occurs during PFCP Session Establishment Requests when PDN Type is 0, due to improper handling of an invalid value propagated from SMF (or via direct attack), leading to a fatal assertion and daemon crash. The vulnerab...

7.5CVSS7.1AI score0.00362EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/11/12 10:15 p.m.34 views

CVE-2024-51179

An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...

7.5CVSS0.01028EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/12 12:0 a.m.11 views

CVE-2024-51179

An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations NFVs such as the User Plane Function UPF and the Session Management Function SMF, The Packet Data Unit PDU session establishment process...

6.9AI score0.01028EPSS
Exploits1References1
CVE
CVE
added 2024/11/12 12:0 a.m.60 views

CVE-2024-51179

Open5GS v2.7.1 is affected by CVE-2024-51179, allowing a remote attacker to cause a denial of service via Network Function Virtualizations (NFVs) such as the User Plane Function (UPF) and the Session Management Function (SMF) during PDU session establishment. The vulnerability’s root cause and im...

7.5CVSS7AI score0.01028EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2023/11/13 10:15 p.m.16 views

CVE-2023-47346

Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages...

7.5CVSS0.00782EPSS
Exploits1References1
Prion
Prion
added 2023/11/13 10:15 p.m.23 views

Buffer overflow

Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages...

5CVSS7.3AI score0.00782EPSS
Exploits1References1Affected Software3
Cvelist
Cvelist
added 2023/11/13 12:0 a.m.21 views

CVE-2023-47346

Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages...

7.6AI score0.00782EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/11/13 12:0 a.m.12 views

CVE-2023-47346

Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages...

7AI score0.00782EPSS
Exploits1References1
CVE
CVE
added 2023/11/13 12:0 a.m.42 views

CVE-2023-47346

CVE-2023-47346 affects free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0. The root cause is a Buffer Overflow in PFCP message handling, which can be exploited to cause a Denial of Service. Several sources confirm the vulnerability and its impact; remediation guidance consistently states upgrading to a fixe...

7.5CVSS7.3AI score0.00782EPSS
Exploits1References1Affected Software3
OSV
OSV
added 2023/11/13 12:0 a.m.13 views

CVE-2023-47346

Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages...

7.5CVSS6.8AI score0.00782EPSS
Exploits1References3
Openbugbounty
Openbugbounty
added 2023/06/05 1:8 p.m.9 views

seuelectronica.upf.edu Open Redirect vulnerability OBB-3391677

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.6AI score
Exploits0
NVD
NVD
added 2022/09/16 7:15 p.m.18 views

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

7.5CVSS0.01079EPSS
Exploits1References1
Prion
Prion
added 2022/09/16 7:15 p.m.12 views

Server side request forgery (ssrf)

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

5CVSS7.5AI score0.01079EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/09/16 6:2 p.m.14 views

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

7.5CVSS6.8AI score0.01079EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/09/16 6:2 p.m.20 views

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

7.7AI score0.01079EPSS
Exploits1References1
CVE
CVE
added 2022/09/16 6:2 p.m.64 views

CVE-2022-39063

Open5GS UPF contains a vulnerability (CVE-2022-39063) in PFCP Session Establishment handling: on receiving a request, it copies data into f_teid without validating the maximum length, so if pdi.local_f_teid.len exceeds the bound, memcpy overwrites fields (e.g., f_teid_len) after f_teid, and the o...

7.5CVSS7.4AI score0.01079EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.2 views

Open5GS 安全漏洞

Open5GS is an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.4.9 and earlier, which stems from the fact that if pdi.localfteid.len exceeds the maximum length of the fteid structure, memcpy overwrites...

7.5CVSS7.3AI score0.01079EPSS
Exploits1References2
NVD
NVD
added 2021/12/23 4:15 a.m.18 views

CVE-2021-45462

In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF...

7.5CVSS0.04405EPSS
Exploits0References2
Rows per page
Query Builder