CVE-2026-2521

A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwcs5chandlecreatesessionresponse of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and...

EUVD-2026-6141

A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwcs5chandlecreatesessionresponse of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and...

CVE-2026-2521 Open5GS SGW-C sgwc_s5c_handle_create_session_response memory corruption

A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwcs5chandlecreatesessionresponse of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and...

CVE-2026-2521

A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwcs5chandlecreatesessionresponse of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and...

CVE-2026-2521 Open5GS SGW-C sgwc_s5c_handle_create_session_response memory corruption

A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwcs5chandlecreatesessionresponse of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and...

EUVD-2021-32228

Malicious code in bioql PyPI...

CVE-2021-45462

In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF...

CVE-2022-31201

SoftGuard Web SGW before 5.1.5 allows HTML injection...

CVE-2022-31201

SoftGuard Web SGW before 5.1.5 allows HTML injection...

CVE-2022-31201

CVE-2022-31201 affects SoftGuard Web (SGW) prior to 5.1.5. An HTML injection vulnerability in SGW enables injection within the web interface. Public records describe impact as the ability to access arbitrary files and download them via the vulnerable SGW SNMP Network Management Extension. The iss...

CVE-2022-31202

The CVE-2022-31202 entry concerns SoftGuard Web (SGW) prior to 5.1.5. The vulnerability is a directory traversal in the export functionality (export or man.tcl) that allows reading arbitrary local files. Affected component: SoftGuard Web (SGW)

sgw-rossdorf.de Cross Site Scripting vulnerability OBB-2738151

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SiHAS 授权问题漏洞

SiHAS firmware / old app is a firmware from the Korean company SiHAS. A security vulnerability exists in SiHAS's SGW-300, ACM-300, and GCM-300 that stems from the absence of account authentication and permission checking logic in existing applications. An attacker exploiting the vulnerability cou...

CVE-2021-26637

CVE-2021-26637 affects SiHAS SGW-300, ACM-300, and GCM-300 firmware/apps, due to missing account authentication and permission checks. This enables unauthorized users to remotely control the device over the network; no specific exploit details are provided in the documents. PT-2022-9785 reiterate...

CVE-2021-45462

In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF...

CVE-2021-45462

In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF...

Design/Logic Flaw

In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF...

CVE-2021-45462

CVE-2021-45462 affects Open5GS 2.4.0, where a crafted packet from a UE can crash the SGW-U/UPF, potentially enabling DoS on private 5G networks. The issue is linked to the SGW-U/UPF component and is described across multiple sources (Open5GS commit reference; Red Hat entry; Trend Micro noting a D...

CVE-2021-45462

In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF...

PT-2021-24241 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: Open5GS version 2.4.0 Description: A crafted packet from a UE can cause a crash in the SGW-U/UPF component. This issue can potentially be used to deploy a denial-of-service DoS attack on private 5G networks. Recommendations: For Open5GS versi...