CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2023-49391
https://notcve.org/view.php?id=CVE-2023-49391
22 Dec 2023 — An issue was discovered in free5GC version 3.3.0, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) on AMF component via crafted NGAP message. Se descubrió un problema en free5GC versión 3.3.0, que permite a atacantes remotos ejecutar código arbitrario y provocar una denegación de servicio (DoS) en el componente AMF a través de un mensaje NGAP manipulado. • https://github.com/free5gc/free5gc/issues/497 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47025
https://notcve.org/view.php?id=CVE-2023-47025
16 Nov 2023 — An issue in Free5gc v.3.3.0 allows a local attacker to cause a denial of service via the free5gc-compose component. Un problema en Free5gc v.3.3.0 permite que un atacante local provoque una denegación de servicio a través del componente free5gc-compose. • https://github.com/free5gc/free5gc/issues/501 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47345
https://notcve.org/view.php?id=CVE-2023-47345
15 Nov 2023 — Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero. La vulnerabilidad de desbordamiento del búfer en free5gc 3.3.0 permite a los atacantes provocar una denegación de servicio a través de un mensaje PFCP manipulado con un mensaje PFCP Heartbeat mal formado cuya longitud Recovery Time Stamp IE está mutada a cero. • https://github.com/free5gc/free5gc/issues/483 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47347
https://notcve.org/view.php?id=CVE-2023-47347
15 Nov 2023 — Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes. La vulnerabilidad de desbordamiento del búfer en free5gc 3.3.0 permite a atacantes provocar una denegación de servicio a través de mensajes PFCP manipulados cuyo Número de Secuencia está mutado a bytes de desbordamiento. • https://github.com/free5gc/free5gc/issues/496 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-47346
https://notcve.org/view.php?id=CVE-2023-47346
13 Nov 2023 — Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages. Vulnerabilidad de desbordamiento del búfer en free5gc 3.3.0, UPF 1.2.0 y SMF 1.2.0 permite a atacantes provocar una denegación de servicio mediante mensajes PFCP manipulados. • https://github.com/free5gc/free5gc/issues/482 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-46324
https://notcve.org/view.php?id=CVE-2023-46324
23 Oct 2023 — pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its private key and the attacker's public key. pkg/suci/suci.go en free5GC udm anterior a 1.2.0, cuando se usa Go anterior a 1.19, permite un Ataque de Curva no válida porque puede calcular un secreto compartido a través ... • https://github.com/free5gc/udm/compare/v1.1.1...v1.2.0 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4659 – Cross-Site Request Forgery in Free5Gc
https://notcve.org/view.php?id=CVE-2023-4659
02 Oct 2023 — Cross-Site Request Forgery vulnerability, whose exploitation could allow an attacker to perform different actions on the platform as an administrator, simply by changing the token value to "admin". It is also possible to perform POST, GET and DELETE requests without any token value. Therefore, an unprivileged remote user is able to create, delete and modify users within theapplication. Vulnerabilidad de Cross-Site Request Forgery, cuya explotación podría permitir a un atacante realizar diferentes acciones e... • https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-request-forgery-free5gc • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-38871
https://notcve.org/view.php?id=CVE-2022-38871
18 Nov 2022 — In Free5gc v3.0.5, the AMF breaks due to malformed NAS messages. En Free5gc v3.0.5, el AMF se interrumpe debido a mensajes NAS con formato incorrecto. • https://github.com/free5gc/free5gc/issues/198 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 85%CPEs: 1EXPL: 1CVE-2022-38870
https://notcve.org/view.php?id=CVE-2022-38870
25 Oct 2022 — Free5gc v3.2.1 is vulnerable to Information disclosure. Free5gc versión v3.2.1, es vulnerable a una divulgación de Información • https://github.com/free5gc/free5gc/issues/387 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-43677
https://notcve.org/view.php?id=CVE-2022-43677
24 Oct 2022 — In free5GC 3.2.1, a malformed NGAP message can crash the AMF and NGAP decoders via an index-out-of-range panic in aper.GetBitString. En free5GC versión 3.2.1, un mensaje NGAP malformado puede bloquear los descodificadores AMF y NGAP por medio de un pánico de índice fuera de rango en aper.GetBitString • https://github.com/free5gc/free5gc/issues/402 •