Medium
CVSS: 6.9
A vulnerability has been found in Open5GS up to 2.7.5. Affected is the function gmm_state_de_registered/gmm_state_exception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to la…
Medium
CVSS: 5.5
A vulnerability was determined in Open5GS up to 2.7.5. This vulnerability affects the function smf_state_operational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The…
Medium
CVSS: 5.5
A vulnerability was found in Open5GS up to 2.7.5. This affects the function gmm_state_exception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the attack remotely.…
Medium
CVSS: 6.9
A vulnerability has been found in Open5GS up to 2.7.5. Affected by this issue is the function esm_handle_pdn_connectivity_request of the file src/mme/esm-handler.c of the component AMF Component. The manipulation leads to denial of service.…
Medium
CVSS: 5.5
A vulnerability was identified in Open5GS up to 2.7.5. Affected by this vulnerability is the function amf_npcf_am_policy_control_build_create/amf_nsmf_pdusession_build_create_sm_context of the file src/amf/npcf-build.c of the component AMF.…
Medium
CVSS: 4.8
A vulnerability was found in Open5GS up to 2.7.5. It has been classified as problematic. Affected is the function amf_nsmf_pdusession_handle_release_sm_context of the file src/amf/nsmf-handler.c of the component AMF Service. The manipulatio…
Medium
CVSS: 4.8
A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_recv_handler/s1ap_recv_handler/recv_handler of the component SCTP Partial Message Handler. The manipulation lead…
Medium
CVSS: 4.8
A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amf_state_operational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachabl…
High
CVSS: 7.1
An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of Service via a crafted PFCP SessionEstablishmentRequest packet with restoration indication = true and (teid = 0 or teid >= ogs_pfcp_pdr_teid_pool.size…
High
CVSS: 7.8
A missing length check in `ogs_pfcp_subnet_add` function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the `session.dnn` field with a value with leng…
High
CVSS: 7.1
A missing length check in `ogs_pfcp_dev_add` function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the `session.dev` field with a value with length…
Medium
CVSS: 5.5
A vulnerability was found in Open5GS up to 2.7.3. It has been declared as problematic. Affected by this vulnerability is the function common_register_state of the file src/mme/emm-sm.c of the component AMF/MME. The manipulation of the argum…
Medium
CVSS: 6.9
A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmm_state_authentication/emm_state_authentication of the component AMF/MME. The manipulation leads to reachable assertion. It…
Medium
CVSS: 6.9
A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_handle_path_switch_request_transfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest M…
High
CVSS: 7.5
An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid…
Medium
CVSS: 6.5
An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMF's internal state machine, leading to an AMF crash and resulting in a Denial…
Medium
CVSS: 6.9
A vulnerability classified as problematic was found in Open5GS up to 2.7.2. Affected by this vulnerability is the function amf_nsmf_pdusession_handle_update_sm_context of the file src/amf/nsmf-handler.c of the component AMF. The manipulatio…
Medium
CVSS: 5.3
A vulnerability was found in Open5GS up to 2.7.2. It has been declared as problematic. Affected by this vulnerability is the function gmm_state_authentication of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to deni…
High
CVSS: 7.5
An issue was discovered in Open5gs v2.7.2. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of gmm_state_exception() function upon receipt of the Nausf_UEAuthentication_Authenticat…
High
CVSS: 7.5
An issue in Open5GS v.2.7.2 allows a remote attacker to cause a denial of service via the ogs_dbi_auth_info function in lib/dbi/subscription.c file.