66 matches found
CVE-2026-44330 free5GC: NEF nnef-pfdmanagement API is unauthenticated; forged bearer tokens can read PFD data and create/delete PFD subscriptions
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-pfdmanagement route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can use a forged or arbitrary bearer token e.g. Authorization...
CVE-2026-20193 Cisco Identity Services Engine Authentication Bypass Vulnerability
A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive information on an affected device. This vulnerability is due to improper role-based access control RBAC...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the PolicyDataSubsToNotifyPost process. An attacker can create unintended notification subscriptions with invalid, empty, or partially processed input by sending malformed or...
CVE-2026-40343
free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...
free5GC 代码问题漏洞
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC 1.4.2 and earlier contained code vulnerabilities. These vulnerabilities stemmed from a flaw in the UDR service, where open-ended failure request handling was flawed. As a result, the POST handler...
CVE-2026-40343
free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...
CVE-2026-40343 free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...
CVE-2026-40343 free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...
GHSA-JWCH-W7WH-GQJM free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
Summary A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended creation of Policy Data notification subscriptions wit...
EUVD-2026-24555
free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation...
free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
Summary A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended creation of Policy Data notification subscriptions wit...
CVE-2026-40249
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...
CVE-2026-40249
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...
CVE-2026-40249
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...
CVE-2026-40249 free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...
CVE-2026-40249
CVE-2026-40249 affects free5GC UDR (versions 4.2.1 and earlier). The PUT handler for /nudr-dr/v2/policy-data/subs-to-notify/{subsId} may continue processing after request body read or deserialization errors, invoking the processor with an uninitialized/partially initialized PolicyDataSubscription...
CVE-2026-40249 free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...
free5GC 安全漏洞
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.1 contained security vulnerabilities. These vulnerabilities stemmed from the PUT request handler in the UDR service, which failed to properly return values after request parsing or...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the HandlePolicyDataSubsToNotifySubsIdPut process. An attacker can cause unintended modification of existing Policy Data notification subscriptions by sending malformed, empty, or...
Improper Check for Unusual or Exceptional Conditions
Overview github.com/free5gc/udr/internal/sbi is a None Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions. in the HandlePolicyDataSubsToNotifySubsIdPut process. An attacker can cause unintended modification of existing Policy Data notification...