CVE-2025-29646

Published: Jun 18, 2025Modified: Jul 9, 2025

7.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

Exploitability: 2.8 / Impact: 4.2

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of Service via a crafted PFCP SessionEstablishmentRequest packet with restoration indication = true and (teid = 0 or teid >= ogs_pfcp_pdr_teid_pool.size).

Affected (1)

Products: Open5gs: Open5gs

Open5gs

1 product

Open5gs

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Open5gs Open5gs	Up to 2.7.2

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://gist.github.com/scmdcs/581fa485f957239ea5551daa173d0189

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/open5gs/open5gs/issues/3747

Source: cve@mitre.org

ExploitIssue Tracking

Timeline

No history available yet.