CVE-2023-37005

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial Context Setup Failure message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

CVE-2023-37003

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an E-RAB Setup Response message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Failed" message that lac...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends "S1SETUP request" messages missing the required...

PT-2025-1411 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions prior to 2.6.4 Description: The issue allows an attacker to send a malformed ASN.1 packet over the S1AP interface, triggering an assertion that can cause the MME to crash repeatedly, resulting in denial of service. This c...

PT-2025-1397 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions = 2.6.4 Description: The issue is related to an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial Context Setup Failure message missing a requir...

PT-2025-1395 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions prior to 2.6.4 Description: The issue allows an attacker to send a malformed ASN.1 packet over the S1AP interface, triggering an assertion that can cause the MME to crash repeatedly, resulting in denial of service. This c...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "S1SETUP request" message missing the...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Response" message that...

PT-2025-1409

Name of the Vulnerable Software and Affected Versions Open5GS MME versions = 2.6.4 Description The issue is related to an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an S1Setup Request message missing a required Global eNB ID...

Vulnerability of the SAP setup tool for simplified installation and configuration. The SAP setup involves an uncontrolled search element, which allows attackers to increase their privileges.

The vulnerability of the SAP setup tool is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

PT-2025-1427 · Magma · Magma

Name of the Vulnerable Software and Affected Versions: Magma versions 1.8.0 and earlier Description: A Null pointer dereference issue in the Mobile Management Entity MME allows network-adjacent attackers to crash the MME via an S1AP "S1Setup Request" packet missing an expected Global eNB ID field...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which arises from the program incorrectly retaining setup privileges, and can be exploited by an attacker to elevate privileges without requiring addition...

PT-2025-1429 · Magma · Magma

Name of the Vulnerable Software and Affected Versions: Magma versions 1.8.0 and earlier Description: A null pointer dereference issue in the Mobile Management Entity MME allows network-adjacent attackers to crash the MME via an S1AP "S1Setup Request" packet that is missing an expected Supported T...

Exploit for Incorrect Conversion between Numeric Types in Apache Xalan-Java

CVE-2022-34169 PoC A malleable PoC and solution for the SU...

D-Link DIR-816 A2 /goform/form2AddVrtsrv.cgi Access Control Error Vulnerability

The D-Link DIR-816 is a wireless router from China's AUO D-Link. An access control error vulnerability exists in D-Link DIR-816 A2 version 1.10CNB05R1B011D88210, which stems from improper access control in /goform/form2AddVrtsrv.cgi. An attacker can exploit this vulnerability to be able to set up...

PT-2025-4745 · Re11S · Re11S

Name of the Vulnerable Software and Affected Versions: RE11S version 1.11 Description: A stack overflow issue was discovered in the formPPPoESetup function via the pppUserName parameter. This issue affects the PPPoE setup functionality. Recommendations: For RE11S version 1.11, as a temporary...

D-Link DIR-816A2 安全漏洞

The D-Link DIR-816A2 is a router from China's AUO D-Link. The D-Link DIR-816A2 suffers from an Access Control Error vulnerability that stems from improper access control of the form2RepeaterSetup.cgi component, which can be exploited by an unauthenticated attacker to set up 2.4G and 5G relay...

DEBIAN-CVE-2024-57889

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking If a device uses MCP23xxx IO expander to receive IRQs, the following bug can happen: BUG: sleeping function called from invalid context at...

CVE-2024-39798

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...