Open5GS UDR Component Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Open5GS versions through 2.7.7, specifically within the UDR component. The issue arises in the function 'ogs_dbi_subscription_data' located in the file '/lib/dbi/subscription.c'. A malformed 'supi' identifier triggers an assertion failure in that function, which crashes the process. The issue can be exploited remotely and has been publicly disclosed.

Impact

Exploitation of this vulnerability causes the Open5GS UDR component to crash, disrupting service.

Reproduction

The vulnerability can be reproduced by sending a request to the UDR endpoint with a prefix-only 'supi' parameter set to 'imsi'. This can be done directly or through a UDM-to-UDR forwarding chain, both of which will result in the same crash.
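
A defensive check for the failure described above, as an added example that is not Open5GS code: the identifier is validated before any database lookup, so a prefix-only 'supi' produces an error return the caller can turn into a rejection instead of an assertion abort. The function name supi_parse_imsi, the status enum and the "imsi-" plus 5 to 15 digits format are assumptions of this example.

```c
/* Added example, not Open5GS code: validate a SUPI before any database lookup
 * so a malformed value yields an error return instead of an assertion abort. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

enum supi_status { SUPI_OK = 0, SUPI_BAD_ARG, SUPI_NO_VALUE, SUPI_BAD_TYPE, SUPI_BAD_IMSI };

/* Hypothetical helper. Assumes the "imsi-<5..15 digits>" form. On success the
 * digits are copied into imsi_out, which must hold at least 16 bytes. */
enum supi_status supi_parse_imsi(const char *supi, char *imsi_out, size_t out_len)
{
    const char *sep, *val;
    size_t type_len, val_len, i;

    if (supi == NULL || imsi_out == NULL || out_len < 16)
        return SUPI_BAD_ARG;

    sep = strchr(supi, '-');
    if (sep == NULL || sep[1] == '\0')   /* "imsi" or "imsi-": type with no value */
        return SUPI_NO_VALUE;

    type_len = (size_t)(sep - supi);
    if (type_len != 4 || strncmp(supi, "imsi", 4) != 0)
        return SUPI_BAD_TYPE;

    val = sep + 1;
    val_len = strlen(val);
    if (val_len < 5 || val_len > 15)
        return SUPI_BAD_IMSI;
    for (i = 0; i < val_len; i++)
        if (!isdigit((unsigned char)val[i]))
            return SUPI_BAD_IMSI;

    memcpy(imsi_out, val, val_len + 1);  /* includes the terminating NUL */
    return SUPI_OK;
}

int main(void)
{
    /* Constructed sample inputs, not taken from the advisory. */
    const char *samples[] = { "imsi-999700000000001", "imsi", "imsi-", "nai-user", "imsi-12ab5" };
    char imsi[16];
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-22s -> %d\n", samples[i], supi_parse_imsi(samples[i], imsi, sizeof imsi));
    return 0;
}
```

Any status other than SUPI_OK is meant to be mapped to a client-error response at the request handler, before the value reaches the database layer.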

Added: May 3, 2026, 11:19 PM
Updated: May 3, 2026, 11:19 PM

Vulnerability Rating

Custom Algorithm
spread: 1.4
impact: 2.5
exploitability: 9.1
remediation: 0.0
relevance: 7.3
threat: 6.4
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.