2 matches found
free5GC 安全漏洞
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained a security vulnerability. This vulnerability stemmed from a parser type confusion in the NRF’s OAuth2 token endpoint, which could potentially cause a panic due to a single...
PT-2026-29658
Description The oauth2.php file in OpenSTAManager is an unauthenticated endpoint $skip permissions = true. It loads a record from the zz oauth2 table using the attacker-controlled GET parameter state, and during the OAuth2 configuration flow calls unserialize on the access token field without any...