3 matches found
Expected Behavior Violation
Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the PFCP Association Setup Request process. An attacker can cause service disruption and trigger reconnection loops by sending a malformed request that is incorrectly accepted, resulting in an inconsisten...
CVE-2025-70123
An improper input validation and protocol compliance vulnerability in free5GC v4.0.1 allows remote attackers to cause a denial of service. The UPF incorrectly accepts a malformed PFCP Association Setup Request, violating 3GPP TS 29.244. This places the UPF in an inconsistent state where a...
PT-2026-8008
Name of the Vulnerable Software and Affected Versions free5GC version 4.0.1 Description An improper input validation and protocol compliance issue exists in free5GC version 4.0.1. The UPF component incorrectly accepts a malformed PFCP Association Setup Request, violating 3GPP TS 29.244. This lead...