CNNVD-202509-2781 Information
CNNVD ID
CNNVD-202509-2781
Related CVE
- CNNVD Published: 2025-09-17
Description (Chinese)
Open5GS是Open5GS开源的一个 5G Core 和 Epc 的 C 语言开源实现,即 Lte/Nr 网络的核心网络。 Open5GS v2.7.5版本存在安全漏洞,该漏洞源于parse_multipart函数未处理空HTTP主体,可能导致空指针取消引用和拒绝服务。
Description (English)
Open5GS is a 5G Core and Epc open-language C open source of Open5GS, the core network of the Lte/Nr network. Open5GS v2.7.5 contains a security loophole, which stems from the fact that the Parse multipart function does not address the empty HTTP subject, which may lead to the cancellation of references and denials of services by the empty pointer.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
openBI
Published
2025-09-17
Last Modified
2026-02-24
References
https://github.com/tsiamoulis/vuln-research/tree/main/CVE-2025-55904 https://github.com/open5gs/open5gs/commit/67ba7f92bbd7a378954895d96d9d7b05d5b64615 https://github.com/open5gs/open5gs/issues/3942 https://access.redhat.com/security/cve/cve-2025-55904
Patch
https://github.com/open5gs/open5gs/releases
Share on: