Free5gc

Free5gc

68 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2026-44322

Exploit
  • EPSS 0.39%
  • Veröffentlicht 27.05.2026 15:46:10
  • Zuletzt bearbeitet 28.05.2026 17:37:55

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF PATCH /3gpp-pfd-management/v1/{afId}/transactions/{transId}/applications/{appId} handler panics with a nil-pointer dereference when the upstream UDR call f...

6.5

CVE-2026-44323

Exploit
  • EPSS 0.35%
  • Veröffentlicht 27.05.2026 15:45:14
  • Zuletzt bearbeitet 28.05.2026 17:02:32

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/{ueId}/{servingPlmnId}/ee-subscriptions/{subsId}/amf-subscriptions handler contains a nil-pointer dereference reachable f...

6.5

CVE-2026-44324

Exploit
  • EPSS 0.42%
  • Veröffentlicht 27.05.2026 15:44:27
  • Zuletzt bearbeitet 28.05.2026 16:52:20

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/{ueId}/{servingPlmnId}/ee-subscriptions/{subsId}/amf-subscriptions handler panics on a single authenticated request again...

7.5

CVE-2026-44325

Exploit
  • EPSS 0.39%
  • Veröffentlicht 27.05.2026 15:43:34
  • Zuletzt bearbeitet 28.05.2026 16:51:24

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NRF root SBI endpoint POST /oauth2/token contains a parser-level type-confusion bug family. The handler in NFs/nrf/internal/sbi/api_accesstoken.go reflects ove...

9.4

CVE-2026-44326

Exploit
  • EPSS 0.31%
  • Veröffentlicht 27.05.2026 15:41:38
  • Zuletzt bearbeitet 28.05.2026 16:25:38

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, ...

10

CVE-2026-44327

Exploit
  • EPSS 0.31%
  • Veröffentlicht 27.05.2026 15:40:41
  • Zuletzt bearbeitet 28.05.2026 16:24:54

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route wi...

8.2

CVE-2026-44328

Exploit
  • EPSS 0.32%
  • Veröffentlicht 27.05.2026 15:39:44
  • Zuletzt bearbeitet 28.05.2026 16:24:05

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. On top of that, the DELETE /upi/v1/upNodesLinks/{upNodeRef} handler unconditionall...

10

CVE-2026-44329

Exploit
  • EPSS 0.33%
  • Veröffentlicht 27.05.2026 15:38:35
  • Zuletzt bearbeitet 28.05.2026 16:23:13

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI end...

10

CVE-2026-44330

Exploit
  • EPSS 0.29%
  • Veröffentlicht 27.05.2026 15:36:40
  • Zuletzt bearbeitet 28.05.2026 13:06:07

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-pfdmanagement route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can use a forg...

5.3

CVE-2026-44318

Exploit
  • EPSS 0.27%
  • Veröffentlicht 27.05.2026 15:35:41
  • Zuletzt bearbeitet 28.05.2026 18:24:58

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's BSF PUT /nbsf-management/v1/subscriptions/{subId} handler has an unsynchronized write on the global Subscriptions map. The handler first reads the map under RL...