Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Open5gsOpen5gs

70 matches found

CVE
CVEadded 2022/04/05 2:15 a.m.81 views

CVE-2021-44108

A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request to amf.

7.5CVSS7.3AI score0.00561EPSS
CVE
CVEadded 2022/04/05 2:15 a.m.80 views

CVE-2021-44109

A buffer overflow in lib/sbi/message.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request.

7.5CVSS7.6AI score0.00597EPSS
CVE
CVEadded 2025/02/03 8:15 p.m.69 views

CVE-2024-56921

An issue was discovered in Open5gs v2.7.2. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of gmm_state_exception() function upon receipt of the Nausf_UEAuthentication_Authenticate response.

7.5CVSS7AI score0.00158EPSS
CVE
CVEadded 2022/09/26 1:15 p.m.67 views

CVE-2022-3299

A vulnerability was found in Open5GS up to 2.4.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library lib/sbi/client.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The name of the ...

6.5CVSS5.4AI score0.00073EPSS
CVE
CVEadded 2025/01/28 11:15 p.m.65 views

CVE-2024-57519

An issue in Open5GS v.2.7.2 allows a remote attacker to cause a denial of service via the ogs_dbi_auth_info function in lib/dbi/subscription.c file.

7.5CVSS6.8AI score0.00419EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.63 views

CVE-2023-37014

Open5GS MME versions

7.5CVSS6.4AI score0.00152EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.60 views

CVE-2023-37022

Open5GS MME versions

7.5CVSS6.5AI score0.00152EPSS
CVE
CVEadded 2025/03/04 1:15 a.m.59 views

CVE-2025-1893

A vulnerability was found in Open5GS up to 2.7.2. It has been declared as problematic. Affected by this vulnerability is the function gmm_state_authentication of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. This vu...

7.5CVSS4.6AI score0.0012EPSS
CVE
CVEadded 2025/01/21 11:15 p.m.56 views

CVE-2024-24427

A reachable assertion in the amf_ue_set_suci function of Open5GS

7.5CVSS6.4AI score0.00079EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.53 views

CVE-2024-24430

A reachable assertion in the mme_ue_find_by_imsi function of Open5GS

7.5CVSS6.7AI score0.0006EPSS
CVE
CVEadded 2022/03/29 4:15 p.m.52 views

CVE-2021-44081

A buffer overflow vulnerability exists in the AMF of open5gs 2.1.4. When the length of MSIN in Supi exceeds 24 characters, it leads to AMF denial of service.

7.5CVSS7.6AI score0.0031EPSS
CVE
CVEadded 2023/10/03 3:15 p.m.52 views

CVE-2023-4882

DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value. This action could trigger the args_assets() function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash.

7.5CVSS7.5AI score0.00069EPSS
CVE
CVEadded 2023/10/03 3:15 p.m.52 views

CVE-2023-4884

An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication.

7.5CVSS6.5AI score0.00056EPSS
CVE
CVEadded 2024/05/08 5:15 p.m.52 views

CVE-2024-33382

An issue in Open5GS v.2.7.0 allows an attacker to cause a denial of service via the 64 unsuccessful UE/gnb registration

5.3CVSS6.7AI score0.0019EPSS
CVE
CVEadded 2025/01/21 11:15 p.m.51 views

CVE-2024-24428

A reachable assertion in the oai_nas_5gmm_decode function of Open5GS

7.5CVSS6.4AI score0.00079EPSS
CVE
CVEadded 2022/09/29 1:15 p.m.50 views

CVE-2022-40890

A vulnerability in /src/amf/amf-context.c in Open5GS 2.4.10 and earlier leads to AMF denial of service.

7.5CVSS7.4AI score0.0012EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.50 views

CVE-2024-24432

A reachable assertion in the ogs_kdf_hash_mme function of Open5GS

5.3CVSS6.7AI score0.00018EPSS
CVE
CVEadded 2022/09/16 7:15 p.m.49 views

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from incoming message, and then uses it to copy data from incoming message to struct f_teid without chec...

7.5CVSS7.4AI score0.003EPSS
CVE
CVEadded 2024/01/02 10:15 p.m.49 views

CVE-2023-50020

An issue was discovered in open5gs v2.6.6. SIGPIPE can be used to crash AMF.

7.5CVSS7.4AI score0.00339EPSS
CVE
CVEadded 2024/05/05 12:15 a.m.48 views

CVE-2024-34475

Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: gmm_state_authentication in amf/gmm-sm.c for != OGS_ERROR.

7.5CVSS6.7AI score0.00207EPSS
CVE
CVEadded 2024/05/05 12:15 a.m.47 views

CVE-2024-34476

Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: ogs_nas_encrypt in lib/nas/common/security.c for pkbuf->len.

5.3CVSS6.7AI score0.00082EPSS
CVE
CVEadded 2021/12/23 4:15 a.m.46 views

CVE-2021-45462

In Open5GS 2.4.0, a crafted packet from UE can crash SGW-U/UPF.

7.5CVSS7.4AI score0.00356EPSS
CVE
CVEadded 2022/11/01 2:15 p.m.46 views

CVE-2022-43222

open5gs v2.4.11 was discovered to contain a memory leak in the component src/smf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet.

7.5CVSS7.2AI score0.00085EPSS
CVE
CVEadded 2022/11/01 2:15 p.m.46 views

CVE-2022-43223

open5gs v2.4.11 was discovered to contain a memory leak in the component ngap-handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted UE attachment.

7.5CVSS7.2AI score0.00089EPSS
CVE
CVEadded 2023/10/03 3:15 p.m.46 views

CVE-2023-4885

Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information.

6.5CVSS6AI score0.00066EPSS
CVE
CVEadded 2024/07/16 7:15 p.m.46 views

CVE-2024-40130

open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.

9.8CVSS6.9AI score0.0023EPSS
CVE
CVEadded 2025/01/22 4:15 p.m.45 views

CVE-2024-24429

A reachable assertion in the nas_eps_send_emm_to_esm function of Open5GS

8.6CVSS6.7AI score0.00053EPSS
CVE
CVEadded 2024/11/15 7:15 p.m.45 views

CVE-2024-24431

A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet with a zero-length EMM message length.

7.5CVSS6.9AI score0.00438EPSS
CVE
CVEadded 2024/01/02 10:15 p.m.44 views

CVE-2023-50019

An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of Nudm_UECM_Registration response.

5.9CVSS5.6AI score0.00326EPSS
CVE
CVEadded 2024/07/16 7:15 p.m.43 views

CVE-2024-40129

Open5GS v2.6.4 is vulnerable to Buffer Overflow. via /lib/pfcp/context.c.

9.8CVSS6.9AI score0.00219EPSS
CVE
CVEadded 2025/06/03 2:15 p.m.43 views

CVE-2025-5501

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_handle_path_switch_request_transfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to reachable asserti...

6.9CVSS5.3AI score0.00136EPSS
CVE
CVEadded 2025/06/03 6:15 p.m.43 views

CVE-2025-5520

A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmm_state_authentication/emm_state_authentication of the component AMF/MME. The manipulation leads to reachable assertion. It is possible to launch the attack remotely. The exploit has ...

6.9CVSS5.3AI score0.0029EPSS
CVE
CVEadded 2022/11/01 2:15 p.m.42 views

CVE-2022-43221

open5gs v2.4.11 was discovered to contain a memory leak in the component src/upf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet.

7.5CVSS7.2AI score0.00089EPSS
CVE
CVEadded 2025/03/12 5:15 p.m.42 views

CVE-2025-25774

An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMF's internal state machine, leading to an AMF crash and resulting in a Denial of Service (DoS).

6.5CVSS6.9AI score0.00162EPSS
CVE
CVEadded 2025/04/22 5:16 p.m.42 views

CVE-2025-29339

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF (or via direct attack), triggerin...

7.5CVSS7.1AI score0.00075EPSS
CVE
CVEadded 2024/11/12 10:15 p.m.41 views

CVE-2024-51179

An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations (NFVs) such as the User Plane Function (UPF) and the Session Management Function (SMF), The Packet Data Unit (PDU) session establishment process.

7.5CVSS7AI score0.06296EPSS
CVE
CVEadded 2021/01/26 6:16 p.m.40 views

CVE-2021-25863

Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account.

8.8CVSS8.8AI score0.00107EPSS
CVE
CVEadded 2021/03/10 3:15 p.m.39 views

CVE-2021-28122

A request-validation issue was discovered in Open5GS 2.1.3 through 2.2.x before 2.2.1. The WebUI component allows an unauthenticated user to use a crafted HTTP API request to create, read, update, or delete entries in the subscriber database. For example, new administrative users can be added. The ...

9.8CVSS9.3AI score0.01097EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.39 views

CVE-2023-37011

Open5GS MME versions

6.3CVSS7AI score0.00054EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.39 views

CVE-2023-37020

Open5GS MME versions

8.6CVSS6.8AI score0.00044EPSS
CVE
CVEadded 2025/03/04 2:15 p.m.39 views

CVE-2025-1925

A vulnerability classified as problematic was found in Open5GS up to 2.7.2. Affected by this vulnerability is the function amf_nsmf_pdusession_handle_update_sm_context of the file src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be launched re...

7.5CVSS5.3AI score0.00279EPSS
CVE
CVEadded 2025/06/10 5:15 a.m.39 views

CVE-2025-5935

A vulnerability was found in Open5GS up to 2.7.3. It has been declared as problematic. Affected by this vulnerability is the function common_register_state of the file src/mme/emm-sm.c of the component AMF/MME. The manipulation of the argument ran_ue_id leads to denial of service. The attack can be...

6.9CVSS5.3AI score0.00082EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.38 views

CVE-2023-37016

Open5GS MME versions

8.6CVSS6.4AI score0.00044EPSS
CVE
CVEadded 2023/10/03 3:15 p.m.38 views

CVE-2023-4883

Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF (Virtual Network Function), and triggering the ogs_sbi_message_free function, which could cause a...

7.5CVSS7.4AI score0.00068EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.37 views

CVE-2023-37003

Open5GS MME versions

5.3CVSS6.8AI score0.00018EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.37 views

CVE-2023-37007

Open5GS MME versions

5.3CVSS6.5AI score0.00018EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.37 views

CVE-2023-37008

Open5GS MME versions

5.3CVSS7.8AI score0.00009EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.37 views

CVE-2023-37012

Open5GS MME versions

5.3CVSS7AI score0.00018EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.37 views

CVE-2023-37013

Open5GS MME versions

7.3CVSS6.9AI score0.00056EPSS
CVE
CVEadded 2025/01/22 3:15 p.m.37 views

CVE-2023-37015

Open5GS MME versions

8.6CVSS6.8AI score0.00044EPSS
Total number of security vulnerabilities70