Shodan
Vulnerabilities
Vulnerable Software
Open5gs:  >> Open5gs  Security Vulnerabilities
CVE-2023-37014
Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a `UE Context Release Request` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-01-22
CVE-2023-37002
Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `E-RAB Modification Indication` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-01-22
CVE-2023-37003
Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `E-RAB Setup Response` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-01-22
CVE-2023-37004
Open5GS MME versions <= 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `Initial Context Setup Response` message missing a required `MME_UE_S1AP_ID` field to repeatedly crash the MME, resulting in denial of service.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-01-22
CVE-2024-24427
A reachable assertion in the amf_ue_set_suci function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-21
CVE-2024-24428
A reachable assertion in the oai_nas_5gmm_decode function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-01-21
CVE-2024-24431
A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet with a zero-length EMM message length.
CVSS Score
7.5
EPSS Score
0.004
Published
2024-11-15
CVE-2024-51179
An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations (NFVs) such as the User Plane Function (UPF) and the Session Management Function (SMF), The Packet Data Unit (PDU) session establishment process.
CVSS Score
7.5
EPSS Score
0.08
Published
2024-11-12
CVE-2024-40129
Open5GS v2.6.4 is vulnerable to Buffer Overflow. via /lib/pfcp/context.c.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-07-16
CVE-2024-40130
open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-07-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved