Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-29339

Опубликовано: 22 апр. 2025
Источник: nvd
CVSS3: 7.5
EPSS Низкий

Описание

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF (or via direct attack), triggering a fatal assertion check and causing a daemon crash.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
Версия до 2.7.2 (включая)

EPSS

Процентиль: 17%
0.00056
Низкий

7.5 High

CVSS3

Дефекты

CWE-617

Связанные уязвимости

debian логотип

CVE-2025-29339

CVSS3: 7.5
debian
10 месяцев назад

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assert ...

github логотип

GHSA-v7m9-pm9f-frqg

CVSS3: 7.5
github
10 месяцев назад

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF (or via direct attack), triggering a fatal assertion check and causing a daemon crash.

EPSS

Процентиль: 17%
0.00056
Низкий

7.5 High

CVSS3

Дефекты

CWE-617