Free5gc

Udm

5 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2026-27642

Exploit
  • EPSS 0.06%
  • Veröffentlicht 24.02.2026 00:18:56
  • Zuletzt bearbeitet 25.02.2026 16:44:26

free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters (e.g., %00) into the supi param...

7.5

CVE-2025-69252

Exploit
  • EPSS 0.34%
  • Veröffentlicht 23.02.2026 23:56:55
  • Zuletzt bearbeitet 25.02.2026 16:46:15

free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 have a NULL Pointer Dereference vulnerability. Remote unauthenticated attackers ca...

5.3

CVE-2025-69251

Exploit
  • EPSS 0.06%
  • Veröffentlicht 23.02.2026 23:53:03
  • Zuletzt bearbeitet 25.02.2026 16:46:00

free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, remote attackers can inject control characters (e.g., %00) into the ueId param...

7.5

CVE-2025-69250

Exploit
  • EPSS 0.11%
  • Veröffentlicht 23.02.2026 23:45:02
  • Zuletzt bearbeitet 25.02.2026 16:45:38

free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, the service reliably leaks detailed internal error messages (e.g., strconv.Par...

7.5

CVE-2023-46324

  • EPSS 0.07%
  • Veröffentlicht 23.10.2023 01:15:07
  • Zuletzt bearbeitet 21.11.2024 08:28:18

pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the U...